Configuring user permissions to manage IOC Scan tasks

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

You need to configure Kaspersky Security Center permissions for the user whose account will be used to manage IOC Scan tasks.

Only the files with IOC rules can be specified for the IOC Scan task. Files with other types of rules are not supported for the IOC Scan task.

To configure Kaspersky Security Center user permissions to manage IOC Scan tasks:

Open Kaspersky Security Center Administration Console.
Select Administration Server.
In the Administration Server context menu, select Properties.
The property window for the Administration Server.
In the left part of the window, select the Security section.
Select the Kaspersky Security Center user whose account will be used to manage IOC Scan tasks.
At the bottom of the window, the list of the selected user permissions is displayed, grouped by the applications that the user can manage using Kaspersky Security Center.
In the Kaspersky Endpoint Agent group of permissions expand the Intrusion Prevention section.
Select the check boxes in the Allow column for the following types of permissions: Modify, Execute, and Perform actions on device selections.
Click Apply and OK.
The configuration of the user permissions to manage IOC Scan tasks is finished.