This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
You can enable the creation of the threat development chain for objects detected on managed devices. The threat development chain is displayed on the incident card.
To enable the creation of the threat development chain:
In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
Select the policy you want to configure.
In the <Policy name> window that opens, select the Application settings tab.
In the Repositories section select the Synchronization with Administration Server subsection.
In the Synchronization with the Administration Server group of settings, select the Send data for creation of the threat development chain check box.
If you configure the policy settings, in the upper right corner of the Synchronization with the Administration Server group of settings, change the switch from Undefined to Enforce.
Click OK.
Click the Save button.
Creation of the threat development chain is now configured.