Proactive Defense

Proactive Defense ensures protection against new threats which are not yet included in Kaspersky Internet Security databases.

The preventative technologies provided by Proactive Defense neutralize new threats before they harm your computer. In contrast with responsive technologies, which analyze code based on records in Kaspersky Internet Security databases, preventative technologies recognize a new threat on your computer by the sequence of actions executed by a program. If, as a result of activity analysis, the sequence of an application’s actions arouses suspicion, Kaspersky Internet Security blocks the activity of this application.

For example, when actions such as a program copying itself to network resources, the startup folder and the system registry are detected, it is highly likely that this program is a worm. Hazardous sequences of actions also include attempts to modify the HOSTS file, hidden installation of drivers, etc. You can turn off monitoring for any hazardous activity or edit the rules of monitoring for it.

As opposed to the Application Control, Proactive Defense responds immediately to a defined sequence of an application’s actions. Activity analysis is performed for all applications, including those grouped as Trusted by the Application Control component.

You can create a group of trusted applications for Proactive Defense. If done, you will not be notified of activities of these applications.

If your computer runs under Microsoft Windows XP Professional x64 Edition, Microsoft Windows Vista, Microsoft Windows Vista x64, Microsoft Windows 7, or Microsoft Windows 7 x64, control will not apply to each event. This is due to specific features of these operating systems. For example, control will not apply in full volume to the sending data through trusted applications, and suspicious system activities.

In this section:

Enabling and disabling Proactive Defense

Creating a group of trusted applications

Using the dangerous activity list

Changing the dangerous activity monitoring rule

Internet Security arr Proactive DefensePage top

Proactive Defense