After comparing the behavior of the file on different computers, checking it against a database of hundreds of thousands of legitimate applications and using heuristic algorithms, the system issues a preliminary verdict on whether or not the object is malicious. Internal KSN mechanisms summarize the data sent automatically from thousands of protected devices whose users consented to share information about any suspicious programs they encounter.
Kaspersky Lab’s globally distributed cloud-based infrastructure - Kaspersky Security Network (KSN) - helps Kaspersky Lab products receive information about new suspicious files and other threats almost immediately after they appear. In today's world of cyberthreats, it only takes a few minutes to spread new malicious applications or spam.
The types of threats displayed include malicious objects detected during on-access and on-demand scans, email and web antivirus detections, as well as objects identified by vulnerability and intrusion detection sub-systems. Kaspersky Lab has launched an interactive cyberthreat map that visualizes cyber security incidents occurring worldwide in real time.