ffxsam

I’m curious about Kaspersky’s special SSL certificate that they use to intercept and analyze HTTPS traffic. Does anyone know how it works, as in, does it decrypt all traffic and send everything to Kaspersky (I should hope not)? Or is it using a local database to look at decrypted traffic to look for suspicious data?