About the AMSI Scanner task
August 3, 2023
When the AMSI scanner task is running, Kaspersky Industrial CyberSecurity for Nodes controls the execution of scripts created using Microsoft Windows scripting technologies (Active Scripting) such as VBScript or JScript. The application can also process PowerShell scripts and scripts run in the Microsoft Office applications on operating systems with the Antimalware Scan Interface (AMSI) installed. You can allow or block execution of a script that has been found to be dangerous or probably dangerous. If Kaspersky Industrial CyberSecurity for Nodes identifies a script as potentially dangerous, it blocks or allows execution of the script according to your selected action. If the Block action is selected, the application allows script execution only if a script has been found to be safe.
Starting from the Microsoft Windows 10 and Microsoft Windows Server 2016 operating system, Kaspersky Industrial CyberSecurity for Nodes supports the Antimalware Scan Interface (AMSI). AMSI allows applications and services to integrate with any antimalware application installed on a device in order for all the executed scripts to be intercepted and scanned by the antimalware.
You can find more information about AMSI functionality on the Microsoft Windows website.