Kaspersky Endpoint Detection and Response Expert provided 100 protection against attacks using Windows’ Local Security Authority Subsystem Service (LSASS) in a recent AV-Comparatives test. Kaspersky EDR Expert successfully protected the LSASS process from dumping credentials against 15 different attacks.

AV-Comparatives is known as a world-renowned independent organization that conducts regular security software testing. In the latest report from the institution’s testing lab, it analyzed the protection capabilities of four security solutions to protect the LSASS process and prevent identity theft.

Attackers who exploit LSASS on a Windows computer can exploit domain user credentials to spread the attack locally or laterally within the target network. AV-Comparatives engineers used a variety of tools and methods to evaluate the capabilities of the products they tested, including Reflective DLL, Native APIs DLL, Invoke-PPL Dump, and others. In this form, it attempted to access the infrastructure through 15 sophisticated attacks. At this point, security solutions were expected to block the LSASS memoryless attempt.

Tests have confirmed that the credentials dumping security measures enabled by default by Kaspersky Endpoint Detection and Response Expert are effective and provide 100 percent protection against all tested LSASS attack methods.

Head of Threat Research, Kaspersky Alexander Liskinsaid: “We are excited to participate in research by AV-Comparatives and receive real-world test case results. Testing our security products against specific attacks is the key to verifying the quality of Kaspersky technologies. We strive to consistently provide the highest level of protection to our customers, and such achievements show that our efforts are timely.”

CEO of AV Comparatives Andreas Clementic also added: “In its default configuration, Kaspersky EDR Expert 100 demonstrated protection against LSASS reference dump attacks used in our custom study.”

Kaspersky Endpoint Detection and Response Expert provides visibility into all endpoints in corporate networks and tackles the automation of routine tasks to discover, prioritize, investigate and neutralize complex threats and attacks at the APT level with superior defense capabilities. Learn more about Kaspersky Endpoint Detection and Response Expert here.

The full report detailing Kaspersky EDR Expert’s performance during AV-Comparatives testing can be found at this link.

Source: (BYZHA) – Beyaz News Agency