Kaspersky Anti-Ransomware Tool for Business (Beta)

Discussion in 'other anti-malware software' started by 3x0gR13N, Aug 10, 2016.

  1. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Salutations/Greetings!:)

    Tell how Kaspersky stops it, that is, the ransomware.

    You can jump to 240 on the video! On System Watcher!
    Also, use in Kaspersky Anti-Ransomware Tool for Business.

    https://www.youtube.com/watch?v=yLEYP8728Tg
     
  2. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    Seems to be a very nice software that will complement many security setups.

    The question is just about performance and compatibility, if it is good it will be a no-brainer solution.
     
  3. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I think the big question is: is it gonna be free for all or not?
     
  4. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
  5. They push notes and links to the Kaspersky Lab research blog every now and then. So it is used as a marketing tool now.
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    I guess it would be unwise to run this alongside HMP.A?
     
  7. Yes, HPMA should cover it (although videos of Cruel Sister often show HPMA fails against ransomware).
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    If it's her original video, that version is old.
     
  9. With the frequency HPMA is pushing out updates, any version is soon to be old.
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Yep, and that's great. They are addressing threats.
     
  11. It pushes out news blurbs of Kaspersky Lab research. Also notifies you of news on which you can opt out. So I do not feel spammed (until now). Would be nice when @cruelsister could throw some new ransomware variants to it.
     
  12. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Seems like CS is the go-to for all the new products here and on another forum. With good reason. But I think CS is going to be too overwhelmed with requests while holding down a real job, and as she has mentioned before she can't test if it conflicts with her job. We are still waiting on a few other programs, but if it doesn't happen that she can test them, so be it.
     
  13. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    For reasons unknown she doesn't touch Kaspersky products.
     
  14. @FleischmannTV

    Thanks, so probably some legal stuff getting in the way related to her work
     
  15. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Hi Guys- Actually my reticence to test K is more moral than legal, but as I really can't discuss it I'll leave it there. However there comes a time when public good outweighs personal standards so I'll get over myself and this weekend publish Part 1 of 2 on KAR. Just have to pick the music for Part 1 so that should be good to go.

    Glad you guys like the videos.
     
  16. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    Does KAR detect and block malware, other than ransomware?
     
  17. themorpethian

    themorpethian Registered Member

    Joined:
    May 6, 2006
    Posts:
    35
    Cruel, how about some Led Zeppelin so I don't have to turn the volume down LOL
    Always enjoy the vids though and many thanks for your efforts.
     
  18. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    850
    Of course. It's a behavior blocker with rollback capability, directly from KAV/KIS.
     
  19. @3x0gR13N

    Any reason they specifically removed the anti-exploit monitoring?

    Thx
     
  20. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    850
    Don't know. Disappointed to see it removed as well. It's possible that the anti-exploit works only if there are other protection components backing it up and providing necessary information about the memory operations, resources etc. used during exploiting.
     
  21. I had thought it would make more sense when they "only" kept the behavioral blocker monitoring file/disk operations and removed all other behavioral monitoring, but then I realised that ransomware also uses credentials of regular processes by injecting/launching them, plus ransomware tries to hide in autostart entries. For a behavioral-based anti-ransomware to be effective, its scope soon ends up covering 80% of the full behavioral blocker version.
     
  22. haakon

    haakon Guest

    https://www.youtube.com/watch?v=sS_J1UzlPGM

    Pity.
     
  23. Pity?

    Cruel Sister has punched a hole in Kaspersky's marketing airbag: yes, it does not stand up to its promise. It fails against modified/morphed variants, but the signature based detection is excellent :thumb: Compare the results with Cruel Sister's ESET or Bitdefender videos :blink:

    So KapLab-AR is not the ultimate solution to ransomware threats, but it is a light and free addition to a vanilla Windows 10 setup. Smartscreen + WD + KapLab-AR probably outperforms most paid premium brand AV-solutions on Windows 8 and higher.
     
    Last edited by a moderator: Sep 27, 2016
  24. Complex behavioral analysis eats CPU capacity and delays startups of programs. I have put KapLab-AR on my wife's laptop (with 2010 dual core Pentium) and it uses less than 0.02% of CPU and delays program startups with less than 0.1 of a second (average AV on execution check delays program startups with 0.2 to 0.5 secs on her laptop).

    After seeing CS video, my take is that behavioral monitor probably builds a local whitelist cache and checks the cloud for blacklisted objects/processes when it detects intrusions from user space folders and user land processes (e.g. monitor side by side attacks on vulnerable medium level IL processes).

    So it probably is a light behavioural monitor designed to selectively check the cloud blacklist (reduce overhead and increase compatibility). My guess is that the promised part2 of CS on KapLab-AR testing the behavioural monitor will be fun to watch.
     
    Last edited by a moderator: Sep 27, 2016
  25. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,138
    Even more..

    Code:
    https://www.youtube.com/watch?v=-wjSrTwEuYg
     