Kaspersky Boosts Embedded Systems Security with Smarter Behavioral Defenses
Kaspersky has announced a major update to its Kaspersky Embedded Systems Security (KESS) solution, significantly strengthening behavioral defenses and anti-ransomware capabilities to address the growing wave of cyberattacks targeting embedded devices.
Embedded systems - ranging from ATMs and point-of-sale terminals to computerized medical equipment - have become increasingly attractive targets for cybercriminals, offering both direct financial gain and access to highly sensitive data. As advanced attack techniques once limited to sophisticated threat actors become more widely accessible, the need for specialized and robust protection for embedded environments has become critical.
The latest KESS update expands behavioral analysis capabilities designed specifically for low-power and legacy embedded devices. At the core of the release is enhanced behavioral detection technology that powers key security components, including Automatic Exploit Prevention, an advanced Remediation Engine, and an improved Anti-Cryptor. Together, these technologies enable the detection of complex and evasive threats that are capable of bypassing traditional statistical or static detection methods, as well as hardening-based countermeasures commonly used in embedded environments.
The overarching goal of the update is to provide embedded systems with access to advanced protection mechanisms that were previously available only to full-scale endpoints.
In addition to strengthened behavioral defenses, the update introduces several features tailored to the unique challenges of embedded systems. Among the most notable is protection against BadUSB attacks, preventing malicious USB devices from impersonating keyboards or other human-interface peripherals to execute unauthorized commands.
KESS also now includes a proprietary application-level firewall, allowing organizations to exercise greater control over how embedded applications communicate with external networks, thereby reducing exposure to suspicious or unwanted connections. Another key enhancement is the new “traffic-light” Security Level Indicator, which provides an immediate visual assessment of a device’s security posture, enabling operators to quickly identify systems that may require attention or configuration changes.
Unlike generic endpoint protection or hardening-only approaches, Kaspersky Embedded Systems Security is purpose-built for the diversity and constraints of embedded environments. The solution supports legacy and low-performance devices, operates reliably in low-bandwidth conditions, and minimizes dependence on cloud connectivity. Its opt-in security model allows organizations to balance strict hardening for older devices with full-featured protection for more capable systems, while maintaining centralized management and consistent security policies across mixed device fleets within Kaspersky’s unified security ecosystem.
Commenting on the update, Oleg Gorobets, Cybersecurity Expert at Kaspersky, said:
“Embedded systems are no longer isolated or too limited to be worth targeting. They face the same sophisticated threats as traditional endpoints, but protecting them requires addressing their specific constraints. This updated solution delivers stronger, smarter, and more flexible protection while keeping operational complexity low. As embedded infrastructures continue to grow, the need for lightweight yet deeply effective security has never been greater.”
More information about Kaspersky Embedded Systems Security is available on the company’s official website.