Kaspersky Embedded Systems Security
Unique multi-layered security to protect embedded systems from the latest threats

Overview

Windows embedded systems are an increasingly popular target for cybercriminals. These devices tend to operate inside the corporate network, are geographically scattered and usually handle critical data, often working with credit and debit cards. End-of-life Windows XP is still a standard for many of these systems, as is low-end hardware.

Kaspersky Embedded Systems Security (KESS) is specifically designed to protect these systems against attacks targeting their contents and exploiting their limitations. It is designed for low-power, Windows-based embedded systems, such as ATM and POS systems, vending machines, and medical equipment. It was designed specifically to support both modern and legacy OS versions and protect them against cyberattacks, including financial fraud, data theft and insider threats.

• Best protection for any embedded scenario
  Kaspersky Embedded Systems Security is a true multi-layered solution, offering an optimal selection of protective layers to provide the best security level possible for devices of differing power and with different implementation scenarios.
• Older systems receive the most up-to-date protection
  Kaspersky Embedded Systems Security has been optimized to run with full functionally on the Windows XP platform as well as on the Windows 7, 8, 10 and even the newest Windows 11 families. Kaspersky solution is committed to providing total support for the Windows XP family for the foreseeable future, giving customers enough time to upgrade when appropriate.
• Low resources but high security levels
  Kaspersky Embedded Systems Security has been built specifically to operate effectively even on low-end hardware.

---

Key Security Challenges

Embedded devices, though very similar to regular computers, present a number of specific challenges. Some of these are common to all embedded devices, while others are characteristic of particular devices types. These challenges include:

• Obsolete, vulnerable software
  Long lifecycles can mean running out-of-support operating systems and apps, containing unpatched vulnerabilities that can be exploited.
• Irregular security updates
  Even where the software’s supported, there can be patching gaps. Problems with updating multiple geographically-dispersed devices or taking them offline for update purposes (and thus creating a temporary Denial of Service), and the need to test the updates before deploying them in production can all contribute to patching delays.
• Process continuity
  Taking certain types of device – such as medical equipment – out of service temporarily for updating can be especially undesirable, further increasing the patching gap timeframe.
• Public space placement
  Many embedded devices operate in open public spaces, which greatly increases the risk of tampering. Network-level defenses can’t protect against the direct physical infection of the device.
• Inherently risky context
  Embedded devices are particularly attractive to cybercriminals, as so many are directly involved in financial operations and/or process sensitive personal information.
• Subject to strict regulations
  Because of the financial and personally identifiable information they may process, many embedded devices operate under regulations mandating a particularly diligent approach to security.
• Insider threats
  According to Kaspersky data, over 50% of all successful attacks on embedded systems involve ‘insider activity’ – by an employee or a 3rd party service provider

---

The Threats

Embedded systems are everywhere: in ticketing machines, ATMs, kiosks, Point of Sale systems, medical equipment… the list is endless.

Kaspersky Embedded Systems Security secures Windows-based devices from unauthorized access and the damage caused by cyberattacks, protecting your business from:

Features

Use Cases

Documentation

Download the Kaspersky Embedded Systems Security Datasheet (PDF).