Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Kaspersky To Add Exploit Prevention, SSL Certificate Validation

MOSCOW, Russia – Kaspersky Lab provided a sneak peek and demonstration of the 2013 edition of its Kaspersky Internet Security suite today at the Kaspersky Lab Security Summit 2012 taking place this week in Moscow—just miles away from the company’s headquarters.

MOSCOW, Russia – Kaspersky Lab provided a sneak peek and demonstration of the 2013 edition of its Kaspersky Internet Security suite today at the Kaspersky Lab Security Summit 2012 taking place this week in Moscow—just miles away from the company’s headquarters.

In a hyper-competitive market, anti-virus vendors are constantly looking to innovate and design new features and bring performance enhancements in order to gain market share and fend off competition. While Kasperksy Lab has added several new features to its soon-to-be-released flagship Internet security software, two features standout that appear to be Industry firsts in the category.

By far the most important new feature, and one that Kaspersky hopes will help differentiate its newest offering from other competitive products on the market, is a new technology dubbed “Automatic Exploit Prevention.”

This added layer of security will help users defend against targeted attacks, and advanced attacks that may otherwise go undetected by a traditional antivirus scanning engines. The company says that the technology significantly reduces the chances of being infected via web-based malware via drive-by-downloads, or falling victim to a targeted attack.

Kaspersky Security Summit 2012, MoscowAutomatic Exploit Prevention goes beyond traditional signature-based malware detection, a technology that is still important, but one that is increasingly viewed as a commodity, based on the massive growth in malware that makes use of a signature-based approach as a sole protection measure less effective. Kaspersky, which says they detect approximately 125,000 unique malicious software samples each day, says the new exploit prevention technology targets the most sophisticated threats that target vulnerabilities in popular software products such as Adobe Flash, Adobe Reader, and Java.

“The purpose of any exploit is to trigger certain vulnerabilities in software in order to launch various types of malicious code,” the company explained. Relying on traditional scanning engines to defend against new and advanced attacks can be risky. “This is especially true when it comes to zero-day vulnerabilities – those which are either unknown or very recently discovered. In this case it is hard for security vendors to recognize exploits targeting a zero-day vulnerability using signature-based methods.”

While there are enterprise-class solutions available that help organizations defend against such attacks and block exploit attempts, consumer-focused security solutions have not yet enjoyed such protections. Kasperksy Lab says this new layer of protection brings a significant level of added protection that is much needed to address the ever-increasing level of threats.

“It’s not 100 percent protection, but it makes it makes it more expensive and drives up the cost of exploits,” added Vitaly Kamluk, Chief Malware Expert, Global Research & Analysis Team at Kaspersky Lab. The exploit prevention technology comes as natural evolution of security protection, something that is much needed by users, and something that Kamluk beleives other vendors will eventally implement as well.

Crowd Sourced SSL Certificate Validation

Advertisement. Scroll to continue reading.

A second feature of significance, and something not found in other competitive offerings, is a way to check for valid SSL certificates when visiting Web sites. The company has introduced a special cloud-based check that triggers when a browser attempts to establish a secure (https) connection to a Web site. When the site returns the certificate in response to a browser request, Kaspersky Internet Security checks to determine if the certificate is valid, using what is essentially a crowd sourced model that looks to see if others have received the same certificate from a site.

“We do not just check different keys in the certificates,” Nikolay Grebennikov, CTO at Kaspersky Lab explained. “We also check and analyze what certificate—for example one thousand users—received previously when connecting to the same site. If they got one certificate, and you got another, you probably connected to a fake site or you are experiencing a Man-In-The-Middle attack.”

Other enhancements in the new version of Kaspersky Internet Security include a new antivirus engine with improved speed and detection rates, a new anti-spam module, a “Safe Money” feature designed to provide maximum protection during online banking sessions, and an enhanced user interface.

The product is expected to start shipping in mid August 2012.

Disclosure: Travel and accommodations for SecurityWeek to attend the Kaspersky Lab Security Summit 2012 were provided by Kaspersky Lab, under the condition that no coverage was guaranteed nor would positive coverage be guaranteed.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.

Endpoint Security

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

The Zero Day Dilemma

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...