Woburn, MA – March 27, 2014 - Kaspersky Lab’s security solution for corporate users, Kaspersky Endpoint Security for Business, has earned the best results in the Real World Enterprise Security Exploit Prevention Test carried out by MRG Effitas between November 2013 and February 2014. As a result, the Kaspersky Lab solution has received the MRG Effitas Certification.
For corporate users, exploits – malicious programs that utilize vulnerabilities in legitimate software to penetrate a computer – are dangerous because an attack on company computers can disrupt business processes and lead to huge losses – both financial and reputational. The use of exploits drastically increases the efficiency of targeted cyber-attacks on organizations. One recent example is the Careto malware which affected at least 380 public and private targets worldwide. Protecting corporate clients becomes more difficult when companies have to use software that is only compatible with older – and consequently more vulnerable – versions of Java, for which the majority of exploits are written today.
As such, MRG Effitas investigated the level of anti-exploit protection of six corporate products from different vendors. MRG Effitas selected 110 malicious links containing exploits to test the products; the vast majority (98) of which targeted the Java platform which has seen an increase in exploits over the last two years. Kaspersky Endpoint Security for Business was not only tested as an integrated product, but its Automatic Exploit Prevention module, used in all Kaspersky Lab protection solutions, was also tested in isolation from all other protection mechanisms.
The testing was divided into two stages. The first stage determined the percentage of exploits blocked at an early phase, before the malicious code started its destructive activity. The second stage was less stringent and the security solution was awarded a “pass” even if it failed to block the initial exploit but managed to counter any malware it tried to load.
Kaspersky Endpoint Security for Business demonstrated the best results in the first stage, blocking 98 percent of exploits. Even when Automatic Exploit Prevention was tested in isolation, without any other security features, the solution performed better than most of the other participants and shared second place after blocking 95 percent of the exploits. During the second stage, Kaspersky Endpoint Security for Business blocked 100 percent of the threats; a result matched by only one other product. Other participants scored no higher than 94 percent.
Testing was carried out on a 64-bit version of Microsoft Windows 7 Enterprise SP1. Applications which were most frequently targeted by exploits in the preceding year, such as Java 1.7, Adobe Reader 9.3, Flash Player 10.1, Silverlight 5.1 and Internet Explorer 8.0, were also installed on the test computers.
Oleg Ishanov, Director Anti-Malware Research
"To date, no serious cyber-attack targeting an organization can function without exploits. Acting as secretly as possible, exploits seize control of the computer and then run malicious code that unleashes the main part of the attack. So it is much safer to block the exploit at the first stage, before it can load malicious programs onto the computer. The MRG Effitas test demonstrated that our Automatic Exploit Prevention technology can cope with this task better than our competitors’ solutions, even when isolated from the other security sub-systems in the product.”
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter