Kaspersky Endpoint Security for Linux

KasperskyEndpoint Security for Linux

For workstations and servers


Although the number of threats targeting Linux is lower compared to those targeting other platforms, attacks against it are on the increase: there are more than 100,000 malicious files registered in Kaspersky Lab databases.

Kaspersky Endpoint Security for Linux provides next-generation, multi-layered protection against all types of cyberthreats, on the widest range of Linux platforms. It delivers reliable protection with minimal impact on performance. It’s available within our comprehensive product portfolio – including Kaspersky Endpoint Security for Business – and provides complete protection in hybrid environments, ensuring all systems are managed and protected all the time.

Kaspersky Endpoint Security for Linux provides built-in technologies to:

  • Eliminate redundant scanning and protect valuable data and business applications
  • Identify and block the latest, emerging threats
  • Deliver optimal security with minimal impact on other applications or overall system performance.
  • Protection from cyberthreats

    Kaspersky Endpoint Security for Linux is built on the world's most tested, most awarded security. It combines the best of human expertise with big data threat intelligence and machine learning. Multiple layers of security detect known and advanced threats, even in memory or boot sectors.

    • Real-time protection from zero-day attacks

      Rapid response to zero-day malware is a critical part of Kaspersky's cybersecurity capabilities. Kaspersky Security Network (KSN) is our advanced cloud system that processes anonymized threat data from millions of nodes worldwide, using sophisticated data science technologies to deliver near real-time threat intelligence to every user.

      This agility means that, even in zero-day attack situations, where threat information is not yet available to the endpoint, KSN works with Kaspersky Endpoint Security for Linux to stop threats. Big data processing of massive volumes of threat metadata from suspicious files makes it possible to make rapid, accurate decisions about their safety without having to completely analyze their content – with short response times, it's a significant additional layer of security for *nix endpoints.

    • Behavior Detection

      Behavior Detection provides proactive defenses, identifying and extracting suspicious behavior patterns and effectively protecting your system against advanced threats.

    • Auto-scan of removable drives

      Auto-scan for newly connected storage devices doesn't allow malicious programs that exploit operating system vulnerabilities to replicate themselves via removable drives.

    • Network Threat Protection

      Our Network Threat Protection helps to prevent network threats – including port scanning, denial-of-service attacks and buffer-overruns. It constantly monitors network activities and, if it detects suspicious behavior, runs pre-defined responses.

    • Web Threat Protection and anti-phishing

      Our Web Threat Protection delivers a near-100% threat detection rate incorporated in the web traffic and blocking blocks harmful scripts.

      Web Threat Protection monitors web traffic for attempts to visit phishing websites – and blocks access to them. To check links on webpages for phishing threats and malicious web addresses, Kaspersky Endpoint Security uses the application databases, heuristic analysis and data from Kaspersky Security Network.

    • Reduce exposure to attacks with device control

      Device control reduces your attack surface and helps keep users safe and compliant with security policies.

    • Control network risks from one place

      Configure and manage built-in Linux OS firewall settings: Kaspersky Endpoint Security for Linux enables the creation of firewall rules policy, network activity logs and security incident review from one place.

      Enforce network policies to all endpoints from Kaspersky Security Center, your single point of security management and control.

    • Stop ransomware

      Kaspersky Security for Linux contains a unique anti-cryptor mechanism capable of blocking encryption of files on shared resources from a malicious process running on another machine on the same network. This system constantly watches over the protected shared folders, tracking the state of the stored files. As soon as encryption activity is detected, the system blocks the attack source machine from accessing the server, stopping the encryption process and preventing the loss of corporate data.

    • Help meet regulatory requirements

      The safety of sensitive data is at the top of every business's security agenda. Kaspersky Security for Linux supports this with essential functionality to strengthen security and aid compliance with key principles such as PCI DSS and SWIFT usage requirements. The File Integrity Monitor can guarantee the integrity of system files, logs and critical applications by tracking unauthorized changes in important files and directories.

    Security for DevOps

    Kaspersky Endpoint Security for Linux enables run-time protection from threats, on-demand scanning of containers, images and repositories as well as flexible integration into CI/CD pipelines.

    • Run-time protection for containerization platforms

      Secure containerization environments ensure safer development, packaging and publishing of applications. Kaspersky Endpoint Security for Linux packs extensive security for Docker platform, enabling On-Access Scan (OAS) for File Threats, providing real-time Behavioral Protection to prevent exploitation, privilege escalation and container escape attempts. Namespaces are monitored for threat-carrying entity isolation and granular control of actions that are taken on the abusing entity upon detection.

    • On-Demand Scanning (ODS) tasks with flexible scope control

      On-Demand Scanning of containers, images and both local and remote repositories allows maintaining sanitized repos for devs’ needs. Namespace monitoring, flexible mask-based scan scope control and ability to scan different layers of containers help enforce secure development best practices.

    • Rich integration options enable “security as code” approach

      Kaspersky Endpoint Security for Linux provides interfaces to enable “security as code” approach. Paired with ODS, Kaspersky Endpoint Security for Linux enables transformation of DevOps into DevSecOps, helping combine lean software practices and Just-In-Time application building, packaging and delivery in a controlled and secure way without slowing down the processes.

      CI/CD platform integrations (e.g. Jenkins) simplify pipeline building and automation.

    Low footprint for high-perf