• The Kaspersky Security Network (KSN) is a complex distributed infrastructure developed by Kaspersky Lab and dedicated to intelligently processing cybersecurity-related data streams from millions of voluntary participants around the world. By analyzing these data streams automatically in the cloud, the system ensures the fastest reaction times to new and yet unknown cyberthreats and the maintenance of the highest levels of protection for every partner or customer. It is one of the most important components of Kaspersky Lab’s multi-layered, next generation approach to protection. Essential to this approach is our HuMachine™ intelligence, which combines expert analysis, machine learning algorithms and big data, allowing us to spot patterns, changes and new threats in the cyber landscape--with skill and accuracy.

    The scheme above illustrates the basic principles of KSN functioning:

    1. Statistics regarding detected threats and suspicious activities are sent by Kaspersky Lab’s products to the cloud infrastructure.
    2. The received information makes up big data, processed by an automated analysis system, that is able to recognize most new cyberthreats. This system draws on Kaspersky Lab’s powerful resources instead of having to rely on those of the user’s devices.
    3. If the code or URL turns out to be malicious, detection is made available to all users within minutes. At the same time, records for legitimate applications are added to the whitelisting database.
    4. Any new requests for an object reputation are replied immediately back to the product.

    The approach provides the following benefits for final security level of customers’ systems and their data:

    • – Detection of advanced and previously unknown malware
    • – Reduction of detection errors (False Positives)
    • – Significant reduction of response time to new threats - in contrast to traditional signature-based responses from hours to seconds or minutes.

    The basic principles of the Kaspersky Security Network

    • – Information processed is limited to that needed in order to improve detection algorithms, refine the products’ operation and offer better solutions to our customers;
    • – The information processed is received from customers who have accepted an EndUser License Agreement (EULA) and KSN agreement where the kind of information obtained is described in full;
    • – Participation in the KSN agreement can be opted in or out of, at any time, in the solution settings;
    • – The data received by KSN is not attributed to a specific individual. The information is used in the form of aggregated statistics, on separated servers with strict policies regarding access rights;
    • – The information shared is protected, even during transit in accordance with legal requirements and stringent industry standards, including through encryption, digital certificates, firewalls and more.

Related Products

US 8966634 B2

System and method for correcting antivirus records...

Read more

US 8819835 B2

Silent-mode signature testing in anti-malware processing

Read more

US 8819774 B2

System and method for protecting cloud services...

Read more

Principles for the processing of user data by Kaspersky Lab security solutions and technologies

Read more


Kaspersky Security Network - Big Data-powered Security

Read more


Kaspersky Security Network

Read more


  • Certified by ICSA Labs Advanced Threat Defense test. Kaspersky Anti Targeted Attack Platform achieved incredible 100% detection rate with 0% false positive

  • A competitive analysis of the market for APT Protection solutions by The Radicati Group has awarded Kaspersky Lab’s Anti Targeted Attack platform with “Trail Blazer” leadership position.

Related Technologies