Windows’ dominance makes it an ongoing target for cybercriminals.
Built-in security features aren’t enough to protect your business from next-generation cyberthreats. But just adding-on multiple, disjointed technologies leads to management complexity – and reduces effectiveness.
Kaspersky Endpoint Security for Windows is the world’s most tested, most awarded security application powered by next-generation technologies to protect all Windows endpoints – and the data on them.
It combines multi-layered, next-generation threat protection with additional proactive technologies such as Application, Web and Device controls, vulnerability and patch management and data encryption into an EDR-ready endpoint agent with an extensive systems management toolkit. Kaspersky’s flagship product offers comprehensive features and benefits:
Learn more about True Cybersecurity for business and what our customers are saying about our technologies here.
Our comprehensive, independently tested solutions are powered by multi-layered, next-generation protection that minimizes the opportunities for threats to reach endpoints while reliably identifying and blocking the ones that do.
Several signature-less components, such as HIPS, Kaspersky Security Network, Behavior Detection and Exploit Prevention, help to detect threats even without frequent updates. Protection is powered by static machine learning for pre-execution stages and dynamic machine learning for post-execution stages. Behavior Detection analyzes process activity in real-time and if it identifies a process as malicious, the issue is flagged, the process terminated and the remediation engine rolls back any changes.
Kaspersky Endpoint Security for Windows can integrate with Kaspersky Sandbox and Kaspersky EDR Optimum for advanced prevention detection and response capabilities.
Kaspersky Endpoint Security for Business can be further boosted with the new Kaspersky EDR Optimum. The result is full visibility and the ability to apply root-cause analysis for a complete understanding of the status of your corporate defenses against advanced threats. Your IT security specialist is provided with the information and insights needed for effective investigation and a fast, accurate response to incidents before any damage can occur – as well as basic threat hunting capabilities (IoC scan).
Kaspersky Sandbox automatically protects against advanced threats designed to bypass endpoint protection. Based on dynamic threat emulation technology, Kaspersky Sandbox uses our best practices in combating complex threats and APT-level attacks, ensuring an automated response across all endpoints.
Our mathematical model analyses over 100,000 sample features and uses 10-million logs to 'teach' the behavior models – in one lightweight 2MB client-side package. Our extensive cloud threats database includes 50TB of data and 4 billion+ hashes, all without impacting on your resources or performance.
Each piece of next-generation technology is designed to deliver the fastest reaction times, lowest false positive rate and highest levels of protection, as verified in independent tests. These optimized performance levels use fewer resources and less energy, reducing your TCO.
With the introduction of our new Cloud Mode for protection components, the latest version of Kaspersky Endpoint Security for Windows:
In Q3 2018 alone, over 250 million unique URLs were recognized as malicious by Kaspersky technologies. Even a favorite, trusted website or corporate node can be compromised, making everyday operations insecure.
Kaspersky Endpoint Security for Windows is powered by Kaspersky Security Network (KSN), our cloud-assisted threat intelligence network. Millions of globally distributed nodes feed real-world threat intelligence to our systems, ensuring a near real-time response to even the newest emerging or evolving threats – including mass attacks.
KSN adds a further layer of security to the endpoint, enabling rapid, accurate decisions about URL or file safety to be made without requiring full content analysis. Response times are as low as 0.02 seconds - significantly faster than traditional protection methods.
The Web Threat Protection component scans HTTPS traffic to intercept, identify and block the latest threats, including those using encryption to penetrate the system undetected. The und user experience is seamless and uninterrupted.
Network Threat Protection identifies and blocks attacks on your corporate network. It's the component that can prevent infections from spreading through a buffer-overrun attack - when malicious code executes by modifying a process already downloaded in memory. New Network Attack Blocker functionality protects against attacks that exploit vulnerabilities in the ARP protocol in order to spoof a device's MAC address.
Cybercriminals use tools and scripts to collect administrator passwords to control infected hosts remotely. They also use legitimate utilities to launch fileless attacks, making it impossible for traditional protection engines to block them. Kaspersky's Behavior Detection protects against new, advanced threats, including ransomware. It does this by detecting and analyzing suspicious activity on workstations, shared folders and file servers, and by using behavior analysis to detect evolving threats – identifying them by their actual behavior rather than their emulated activity at the intrusion prevention stage. If an attack is detected, the malware is blocked and automatic rollback reverses any malicious actions that have already taken place.
Windows Subsystem for Linux (WSL) is a popular subsystem enabling *NIX/Linux applications to run on Windows 10. This subsystem is now protected, with scanning of WSL files, apps and traffic.
Kaspersky's Exploit Prevention prevents malware from executing and exploiting software or operating system vulnerabilities. The most targeted applications - including Adobe® Reader, Microsoft® Internet Explorer®, Microsoft® Office®, and Java – are monitored, providing an extra layer of protection against unknown, zero-day threats.
Kaspersky Endpoint Security for Windows instances can integrate with Endpoint Detection and Response (EDR) Advanced, serving as its sensors on workstations and servers. This enables large volumes of data to be captured and analyzed onshore, without impacting on user productivity. Advanced threat hunting looks for evidence of intrusion, such as file specimens matching Indicators of Compromise (IoCs).
Light-touch control and management for all endpoints from a 'single pane of glass' console – spend less time and resources managing IT assets and security. Define and replicate specific settings and parameters from a universal policy.
Unique wizards for easy deployment across the network, with or without Active Directory domain. Deploy and retain endpoint protection even if networks are physically disconnected from the Internet.
Assign different endpoint groups or management tasks to different administrators via the Role-Based Model and customize the management console so that each administrator can only access the tools and data relevant to their responsibilities.
Kaspersky Security Center is a central management console that makes it easier for administrators to configure, deploy, update and manage their security. It simplifies the application of group tasks, policies and policy profiles and the generation of reports. Three management options are available:
Secure your data with FIPS 140-2 and Common Criteria: EAL2+ certified encryption, or use built-in Microsoft® BitLocker® management to enable OS-embedded encryption.
Whether it's a stolen laptop or lost storage device, encryption make sensitive data useless to criminals or unauthorized viewers. Kaspersky Endpoint Security for Windows uses the Advanced Encryption Standard (AES) 256 bit algorithm and supports Intel® AES-NI for fast encryption.
Full Disk Encryption (FDE) runs on the physical hard drive, making it easy to run an 'encrypt everything at once' strategy without relying on end users to decide which items should be encrypted. Full Disk Encryption enables pre-boot authentication and guarantees a secure, tamper-proof environment external to the operating system – as a trusted authentication layer.