Kaspersky Endpoint Security for Linux 12 — offline on-demand scanner.

Modes (passed as the container CMD):
  shell    Start service, print this readme, drop to bash.
  version  Print KESL version + base /etc/issue.
  scan     Scan /data with --action Skip; print ThreatDetected events.
  debug    Bash without starting service.

Mount the target read-only at /data.