Kaspersky Endpoint Security achieves full marks in tampering test

Kaspersky Endpoint Security has achieved 100% tamper protection in the most recent Anti-Tampering Test conducted by AV-Comparatives.

The security solution, representing Kaspersky Next EDR Foundations, was subjected to a focused penetration test that examined its resilience to tampering attempts on Windows 11 systems. Tamper protection is regarded as an essential defence mechanism, as attackers frequently first try to disable security tools to compromise business environments.

During the testing process, Kaspersky Endpoint Security met all certification requirements by successfully preventing every attempted tampering action. These actions included attempts to disable, uninstall, or reconfigure the security software, actions which could otherwise block updates or allow adversaries to use attacker tools unimpeded.

The procedures followed by AV-Comparatives involved keeping vendors uninformed about the attack methods ahead of the test, ensuring that the responses observed were authentic and not tailored for specific anticipated threats. Only those endpoint protection products that entirely blocked 100% of tampering attempts were certified and had their reports publicised.

Kaspersky entered its Endpoint Security solution for the April 2025 assessment and achieved certification for the second time in succession. The comprehensive testing encompassed the safeguarding of services, processes, files, registry entries, and other components, defending them from unauthorised control attempts even when made with elevated user privileges.

Kaspersky has maintained a regular presence in independent testing environments, reflecting a continued commitment to validating its technology against recurrent and emerging threats. Discussing the recent test results, Alexander Liskin, Head of Threat Research at Kaspersky stated: "We continuously engage in independent testing to ensure our technologies withstand the latest threats while delivering a seamless experience. The Anti-Tampering test is of great value since it puts stress on the product without prior knowledge of attack vectors. We take pride in knowing that Kaspersky Endpoint Security, as part of Kaspersky Next EDR Foundations, has once again achieved top scores."

Further comment on the focus of the testing process came from Andreas Clementi, Founder and Chief Executive Officer of AV-Comparatives. He said: "Our focus tests aim to highlight areas within the product worthy of improvement. Kaspersky has, again and again, displayed excellent resistance against agnostic approaches to tampering, reestablishing itself among the most secure endpoint solutions."

The Anti-Tampering Test by AV-Comparatives specifically investigates whether endpoint protection software can withstand sophisticated disabling or modification attempts. The methodologies applied replicate the initial tactics threat actors commonly adopt when infiltrating business networks. Certification is only awarded to those products capable of blocking every simulated attack route, affirming their status as effective defenders in real-world scenarios.

Through repeated success in independent, externally managed assessments, Kaspersky identifies tamper protection as a fundamental attribute of its endpoint security categorisation. The company maintains that it will continue to reinforce its products to address the ongoing evolution in cybersecurity threats aimed at disabling or circumventing commercial security solutions.