Kaspersky Anti Targeted Attack Platform Interface

The program is managed through the web interface. Sections of the program web interface differ depending on the role of the user: Administrator or Senior security officer / Security officer / Security auditor.

The window of the program web interface contains the following items:

• Sections in the left part and in the lower part of the program web interface window.
• Tabs in the upper part of the program web interface window for certain sections of the program.
• The workspace in the lower part of the program web interface window.

Sections of the program web interface window

The program web interface for users with the Senior security officer, Security officer, and Security auditor roles provides the following sections:

• Dashboard. Contains Kaspersky Anti Targeted Attack Platform Monitoring data.
• Alerts. Contains information about alerts in your organization's network.
• Threat Hunting. Contains information about events detected on hosts of your organization.
• Tasks. Contains information about tasks that you can use to manage files and applications on hosts.
• Prevention. Contains information about policies that you can use to manage preventions of files running on selected hosts.
• User rules: TAA, IDS, IOC, and YARA. Contains information for managing user-defined rules.
• Storage: Files, and Quarantine. Contains information for managing objects in Quarantine and Storage.
• Endpoint Agents. Contains information about computers with Kaspersky Endpoint Agent and their settings.
• Reports: Generated Reports and Templates. Contains a report builder and a list of generated reports about alerts.
• Settings: IOC scanning schedule, Endpoint Agents, KPSN reputation database, Notification rules, VIP status, Exclusions, Passwords to archives, and License. Contains information on the IOC scan schedule, and the settings for publishing objects in KPSN and assigning the VIP status to alerts based on information contained in alerts, the list of allowed objects, and IDS and TAA (IOA) rules excluded from scanning, passwords of archives, and added keys.

Workspace of the program web interface window

The workspace displays the information you choose to view in the sections and on the tabs of the program web interface window. It also contains control elements that you can use to configure how the information is displayed.

See also Selecting an organization to manage in the web interface of the program Monitoring program operation Table of alerts Filtering, sorting, and searching alerts Viewing alerts Recommendations for processing alerts User actions performed on alerts Events database threat hunting Event information Managing Kaspersky Endpoint Agent host information Network isolation of Endpoint Agent hosts Managing tasks Managing policies (prevention rules) Managing user-defined rules Managing objects in Storage and Quarantine Managing reports Managing rules for assigning the VIP status to alerts Managing the list of scan exclusions Managing IDS exclusions Managing TAA exclusions Creating a list of passwords for archives Viewing server settings Viewing the table of servers with the Sandbox component Viewing the table of servers with the Sensor component Viewing the table of external systems

Page top