API for managing Threat Response actions

Kaspersky Anti Targeted Attack Platform provides an API for performing Threat Response actions. Commands to carry out operations are received at the Central Node server and then relayed to Kaspersky Endpoint Agent.

You can use external systems to perform the following operations on Kaspersky Endpoint Agent hosts:

All of the above operations are available on Kaspersky Endpoint Agent for Windows hosts. On Kaspersky Endpoint Agent for Linux hosts, you can only run a program.

In this Help section

Request for getting the list of Kaspersky Endpoint Agent hosts

Request for information about network isolation and the existence of prevention rules for Kaspersky Endpoint Agent hosts

Host network isolation management

Managing prevention rules

Managing the program run task

Page top