451 Research on Kaspersky Lab: quick response as a key differentiator

451 Research has released a very complimentary overview of Kaspersky Lab’s current position and strengths. Here’s some commentary from their report.

451 Research has recently released a research paper dedicated to Kaspersky Lab. It’s very complimentary, so we are proud to be affiliated.


451 points out several distinctive factors which make Kaspersky Lab’s case peculiar: For instance, despite its large size (2,900 employees globally), the company manages to maneuver the market with admirable agility; this is mostly due to its private-owned nature:

“With an R&D arm a thousand strong and no external investors or shareholders to answer to, the company is free to explore whatever avenues it prefers and executes relatively quickly on its decisions. With much of its competition traditionally slow to maneuver and respond to market changes and the security landscape quick to change, it is no surprise Kaspersky changed direction away from the IPO route and chose to remain private.”

Another distinctive feature is that Kaspersky Lab does everything in-house: no acquisitions. Kaspersky Lab’s technologies are all home-brewed, and that’s the basis of the strategy our company took long ago. Advantages are clear: All products share the same codebase, which removes any compatibility issues between different products. 

“Although Kaspersky has integration and technical partnerships with more than 80 hardware and software vendors, it has taken steps to remove reliance on partnerships for core technologies. For example, while Kaspersky once partnered with Bit9 for access to its global software registry, it now offers a native in-house offering via the Kaspersky Security Network (KSN),” the paper reads.

This, however, doesn’t mean that Kaspersky Lab doesn’t do partnerships at all. Our sales partner network is vast and, fortunately, far-reaching.

451 Research specifically points out the diversification of Kaspersky Lab’s products as yet another of the company’s advantages:

“This diversification includes reaching into niche and mainstream markets alike with products designed to protect mobile devices, virtualized environments, SCADA/ICS environments, ATMs and POS terminals.”

That’s been done for a good (or a bad?) reason: threats emerged that cannot and should not be overlooked. For instance that hapless piece of malicious highly targeted software that’s now called Stuxnet showed, among other things, that ICS users just weren’t ready for getting hit; they were, well, innocently 404 about the very possibility of malware slithering in.

That’s no longer the case, although the situation is improving at much slower pace than desired. In 2003, Kaspersky Lab’s experts predicted that mobile malware would be breaking surface soon. In 2004 Cabir, the first smartphone virus, hit the scene. Even though it was very benign (except for the battery), the fact it was there proved that another Pandora box was due to be opened. And today mobile Trojans, etc. are arguably an even bigger problem than old-timer PC malware.

While 451 points out Kaspersky Lab’s ability “to shift strategy, innovate and bring new products to market in a relatively short time in response to market trends”, it’s not just about trends, but rather threats that are in focus.




Given the avalanche of malware appearing daily, the reaction timing is essential: “enemies” (i.e. malware writers and cyber-attackers) are smart, tech-savvy, well prepared and highly motivated, whether it’s about money or political statements or whatever. So – strike ahead wherever possible, cover all areas where the problems may emerge, from home to huge corporate networks; employ newer technologies such as cloud (Kaspersky Security Network), sandboxing, automatic exploit prevention; get antifraud prevention up and running (and do it yourself instead of paying millions for acquisition as IBM did), branch out to MDM, patch management to protect businesses, and threat intelligence – or get beaten. We prefer the latter never happens.

In the end 415 Research says (in the “Weaknesses” section):

“We feel the company could do more to enter the next-gen endpoint market and distance itself from its antivirus roots. We’re also seeing the threat detection and remediation (TDR, derivative of the ETDR acronym) market steadily moving toward the anti-malware space and even combining with it in the case of Bit9’s Carbon Black acquisition.”

Well, to be honest, while Kaspersky Lab is far ahead from its “antivirus roots”, it is “inertia of perception” that makes end users call us “an antivirus vendor”. But on the other hand, it’s still the same story: is antivirus on its own is “dead” or “alive”, or, by Heaven’s grace, “undead” even?

“Dead” means “gone”; has the antivirus gone bye-bye? Nope. Is it sufficient for a modern security solution to have only virus-busting capabilities? Negative. A modern security solution needs to be both an antivirus and a lot of lots else. 

But people will still call it “antivirus”, because it’s a habit. One day it’ll go away. We, on our side, keep doing everything to crack that perception, marketing-wise, and technology-wise Kaspersky Lab is far ahead and beyond already.