Threats can be detected in encrypted traffic without decryption using the ja3 and ja3s methods. You can upload custom rules for analyzing encrypted traffic.
IDS rules for detecting threats in encrypted traffic without decryption are not included in the distribution kit.
Simplified Chinese localization is now supported in the application web interface.
Added the capability to detect threats when scanning chains of events using Kaspersky TAA (IOA) rules.
In the alert card, you can now view screenshots of files being executed by the Sandbox component.
Changes in Kaspersky Endpoint Agent 3.16 for Windows: