Kaspersky Cyber Immunity

Kaspersky's approach to developing Secure by Design IT systems

The number of devices connected to the internet continues to grow exponentially, and with it cybercriminal interest. Cyberthreats can cause physical damage, for instance, to industrial plants, energy facilities, cars or smart city systems. The information security industry is creating ever more security technologies, but often it is merely playing catch-up with the attackers.

We decided to change things by finding a way to develop IT systems with “innate” protection — Cyber Immunity.

Cyber Immunity works by separating the IT­ system into isolated parts and controlling the interactions between them. Most attacks on the Cyber Immune system are ineffective — it continues to perform critical functions even in an aggressive environment and stops potential attackers in their tracks.

Our Cyber Immune operating system, KasperskyOS, comprised of a microkernel and the Kaspersky Security System module, provides protection by default and lets developers create Cyber Immune solutions.

Advantages of the technology

Reduced risks

Cyber Immunity makes information systems robust and predictable, minimizing the risk of incidents and related accidents.

Reduced cost of developing and supporting secure IT solutions

Even if untrusted third-party code is used, Cyber Immunity delivers a high level of security for the solution.

Reduced cost of certification

Cyber Immune solutions comply with regulatory standards: Common Criteria, ASPICE, ISO 26262 and others.


Kaspersky Security System can be flexibly configured by creating security policies for each specific task.


Kaspersky’s Cyber Immune approach is a means to create solutions that are virtually impossible to compromise and that minimize the number of potential vulnerabilities. It can cost less to develop such solutions than similarly security-focused projects using special-purpose operating systems of earlier generations.

To develop a Cyber Immune solution:

  • clearly define the security objectives (for example, data confidentiality) and the conditions in which the system will operate;
  • separate the solution into isolated security domains, taking into account the functionality and level of trust in each of them;
  • control the information flows between these domains, allowing only specified types of interactions.

KasperskyOS provides the interfaces, mechanisms and tools necessary for developing Cyber Immune solutions, including isolating the security domains and controlling the interactions between them.

Learn more about KasperskyOS

We are always happy to answer your questions about KasperskyOS and solutions based on it. Fill out the form to get additional information or to discuss cooperation prospects

Ask a Question

Answering the most frequently asked questions about KasperskyOS and products based on

Read the FAQ