August 14, 2021: Kaspersky unveils updates to two of its applications in the Kaspersky Hybrid Cloud Security protection solution for virtualization and cloud environments: Kaspersky Endpoint Security for Linux and the Kaspersky Security Center management console. The new version of Kaspersky Endpoint Security for Linux strengthens the defenses against exploits and ransomware attacks. It also extends protection for DevOps with support for new containerization environments and a more native provision of protection mechanisms for Docker containers. Kaspersky Security Center cloud console now works with public cloud platforms to enable more convenient management of workload protection in the cloud.
As Kaspersky research shows, dedicated protection for Linux servers is essential whether they are on-premises or in the cloud. Advanced threats for Linux cannot be less severe than for other operating systems, with these servers often hosting mission-critical applications or becoming a stepping stone for endpoint access on Windows and iOS. Compromised servers can go unnoticed for a long time. Protecting against ransomware attacks is also essential to avoid disruption and financial loss. For example, in the summer of 2020, a major publisher of solutions for digital workspaces and the professional printing industry, became a victim one of these Linux executables, RansomEXX, causing company services to crash.
To combat these types of threats, the updated Kaspersky product features new application control for Linux workloads, helping organizations effectively prevent the launch of unauthorized or unknown (and potentially dangerous) executables. A customer can now configure application launch policies based on security requirements, for example, create a list of applications that cannot be launched. In the Default Denied scenario, only applications from the approved list can be launched into the workload. Administrators can also configure policies for separate machines or groups of machines.
New Executable Software Inventory feature creates a list of all used application executables by path, hash, and type, so it can be used to create and assign categories and as a preparation step for monitoring configuration applications.
Kaspersky Endpoint Security for Linux also enhances protection for DevOps to help customers add security practices to the product development lifecycle. The product can now scan containers and images in more containerization environments, in addition to Docker: Cri-O, Podman, and runC – to reveal compromised assets.
For Docker users, deploying and configuring products just got easier and faster. Customers can now run Kaspersky Endpoint Security for Linux as a container in the very environment they want to protect. The on-demand scan service (ODS) is enabled through the RESTful API.
This new version also provides updates for security administration now that the SaaS version of the Kaspersky Security Center console is available to manage the security of workloads in public clouds: Amazon Web Services, Microsoft Azure and Google Cloud. It is hosted and maintained by Kaspersky, which saves customers time and resources for deployment.
“Businesses make heavy use of cloud environments and cyber protection shouldn’t be left behind. Our solution aims to help organizations adopt the cloud securely and meet their needs. Security enhancements for Linux are critical because businesses need the right level of protection for all the platforms and endpoints they use. They also want to save team resources for additional tasks, such as solution deployments, so our cloud console supports that need. When it comes to DevOps, one of the main issues for companies here is to seamlessly integrate security into automated pipelines, which is why we have focused our efforts to make this process as convenient as possible, ”comments Timofey Titkov, Senior Product Manager, Corporate Products, Kaspersky.