Alert details contain all available information about the detected threat and allow you to manage alert response actions.
Alert details contain the following information:
This section is available only in Kaspersky Endpoint Security for Windows 11.9.0 and later web plug-in.
If Kaspersky Endpoint Security for Windows 11.10.0 or later is installed on the organization devices, Kaspersky Endpoint Security plug-in 11.10.0 is used in Kaspersky Security Center, and the Kaspersky Security Network feature is enabled in Kaspersky Endpoint Security, the alert details for files display information about the trust group, numeric signature, file distribution and other data.
The data in the alert details is relevant at the time the threat was detected. The solution does not update this information, so it may differ from the data and indicators displayed on Kaspersky Threat Intelligence Portal. To view the up-to-date updated data, use the links to Kaspersky Threat Intelligence Portal data in the alert details.
You can perform the following response actions from the alert details:
Alert details are automatically deleted one month after creation.
For devices with Kaspersky Endpoint Security for Windows: if the amount of information in the alert details exceeds 1 MB, or if more than five alerts occurred on the device during a day, then the alert data is stored on the device locally and connection to the device is required to access this data. For devices with Kaspersky Endpoint Agent and any EPP application, for example, Kaspersky Security for Windows Server, these threshold values are 100 KB and 20 detections, respectively.
Page top