Malware Hub Report Kaspersky EndPoint Security 11.1 - March 2019 Report

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,634
Kaspersky EndPoint Security 11.1 - March 2019 Report
Due to the small number of samples used in these tests, you should take the results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.
Total Samples: 211
Total Static Detections: 176 / 211 (83,41%)
Total Dynamic Detections: 27 / 211 (12,79%)
Total Not Detected/Missed: 8 / 211 (3,79%)
Total Detected: 203 / 211 (96,20%)

Total sample packs: 28
Total sample packs tested: 28
Total final status of the system (clean): 19
Total final status of the system (protected): 9
Total final status of the system (infected): 2* (in 2 Dynamic BB Bonus Test)
Total final status of the system (encrypted): 2* (in 2 Dynamic BB Bonus Test)

C: Clean / P: Protected / P - NC: Protected - Not Clean / I: Infected / E: Encrypted


* Dynamic BB Bonus Test (File Anti-Virus + Host Intrusion Prevention + KSN disabled)
* Partially Blocked
* BSR: Before System Reboot
* ASR: After System Reboot

| March 2019 | Samples Pack | Static Detection | Dynamic Detection | Total Detection | Bait Files Encrypted | 2nd Opinion Scanners | System Final Status |
|---|---|---|---|---|---|---|---|
| 01/03/2019 | 15 | 13 / 15 | 2 / 2 | 15 / 15 | No | C | C |
| 02/03/2019 | 2 | 1 / 2 | 1 / 1; 1 / 1* | 2 / 2 | No | C | C |
| 02/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 04/03/2019 | 20 | 17 / 20 | 3 / 3 | 20 / 20 | No | C | P |
| 06/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 07/02/2019 | 5 | 5 / 5 | 4 + 1 / 5* | 5 / 5; 4 + 1 / 5* | No (4); Yes (1) | C; N/A * | C; E (1)* |
| 08/03/2019 | 13 | 12 / 13 | 1 / 1 | 13 / 13 | No | C | C |
| 09/03/2019 | 1 | 1 / 1 | 0 / 1* | 1 / 1; 0 / 1* | No; Yes | C; N/A * | C; E * |
| 10/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 11/03/2019 | 19 | 14 / 19 | 5 / 5 | 19 / 19 | No | C | P |
| 14/03/2019 | 15 | 11 / 15 | 4 / 4 | 15 / 15 | No | C | P |
| 14/03/2019 | 3 | 3 / 3 | 3 / 3* | 3 / 3 | No | C | C |
| 15/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 15/03/2019 | 9 | 6 / 9 | 2 / 3 | 8 / 9 | No | C | P |
| 16/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 17/03/2019 | 2 | 2 / 2 | 2 / 2* | 2 / 2 | No | C | C |
| 18/03/2019 | 13 | 9 / 13 | 3 / 4 | 12 / 13 | No | C | P |
| 19/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 19/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 21/03/2019 | 12 | 10 / 12 | 1 / 2 | 11 / 12 | No | C | P |
| 22/03/2019 | 20 | 17 / 20 | 0 / 3 | 17 / 20 | No | C | P |
| 23/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 23/03/2019 | 2 | 2 / 2 | 2 / 2* | 2 / 2 | No | C | C |
| 24/03/2019 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | C | C |
| 25/03/2019 | 22 | 18 / 22 | 3 / 4 | 21 / 22 | No | C | P |
| 27/03/2019 | 10 | 7 / 10 | 2 / 3 | 9 / 10 | No | C | P |
| 28/03/2019 | 2 | 2 / 2 | 2 / 2* | 2 / 2 | No | C | C |
| 29/03/2019 | 17 | 17 / 17 | N/A | 17 / 17 | No | N/A | C |

harlan4096

A promise is a debt, so here you are: a video showing a tour of the main settings of KES11.1. I left some modules which are usually used in corporate environments and are managed with policies from a console (KSC -> Kaspersky Security Center).

Note that there are changes related to some protection modules; for instance, the main "File AV" module is called "File Threat Protection" here, and the well-known "System Watcher" module in home products is split here into 3 different ones: "Behaviour Detection" + "Exploit Prevention" + "Remediation Engine".

Also there is "Host Intrusion Prevention" which is the "Application Control" in home products.

And the "Application Control" here is a specific module to control attempts of starting applications using rules and templates, and there is no "Parental Control" but "Web Control", and a complete module to control the connection of removable devices: "Device Control".


Enjoy! :giggle:

harlan4096

I have it installed in a VM, and haven't tested it on a real system yet, so I prefer not to advance an opinion, but here are some screenshots about system resources:

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
516
How do you control the software settings? It makes me control the application only through the site.

Andrew3000

What do You mean with software settings? Which version of Kaspersky do You have?

Using KESC (Kaspersky Endpoint Security Cloud) 11. It says: Kaspersky Security Policy is applied to the computer.
I can't change the settings; if I want to, I need to go to the website.
In the video you're able to manage the settings directly in the app. If I want to do that I need to go to the business hub.
 

harlan4096

I will post here an extra test with KIS2019 I performed yesterday with the 2 samples (from dates 07/03/2019 & 09/03/2019) that managed to encrypt system files in a Dynamic/On Execution BB Bonus Test with KES 11.1:

Let's see now the same Dynamic/On Execution BB Bonus Test (in the same conditions) with KIS2019 and those 2 samples:

In both cases the samples were already detected by signatures.
In both cases File AV + Application Control (Host Intrusion Prevention in KES) + KSN were disabled.

* (Hit) sql:


* (Hit) LockerGoga.exe:


It seems the BB modules in both products are working in a different way against the same samples: KES 11.1 (Miss -> encrypted files) & KIS2019 (Hit -> no files were encrypted) :unsure:.