Endpoint Detection and Response

This section contains information about Endpoint Detection and Response.

The Endpoint Detection and Response feature monitors and analyzes threat progression, and provides you with information about possible attacks, to facilitate a timely manual response; or performs the predefined automated response.

This feature is available only if you activated Kaspersky Endpoint Security Cloud under a Kaspersky Endpoint Security Cloud Pro license.
If you activated Kaspersky Endpoint Security Cloud under a Kaspersky Endpoint Security Cloud Plus license, you have access to a limited functionality called Root-Cause Analysis.

To use this feature, you need Kaspersky Endpoint Security 11.8 for Windows or later.

In this section

About Endpoint Detection and Response

About Indicators of Compromise

Starting the use of Endpoint Detection and Response

Scenario: Configuring and using Endpoint Detection and Response

Configuring IoC scans for potential threats

Configuring execution prevention

Viewing information about Endpoint Detection and Response alerts

Taking manual response measures

Canceling network isolation of a Windows device

Exporting information about Endpoint Detection and Response alerts

Disabling Endpoint Detection and Response

Page top