Configuring Threat Response actions of Kaspersky Endpoint Security to respond to threats detected by Kaspersky Sandbox

Kaspersky Endpoint Security can perform Threat Response actions in response to threats detected by Kaspersky Sandbox.

You can configure the following types of actions:

Local actions:

Group actions:

To configure group Threat Response actions, you must configure permissions for Kaspersky Security Center Web Console users accounts that you want to use to manage IOC scanning tasks.

If you configure Threat Response actions, keep in mind that execution of some of the configured actions can result in the threatening object being deleted from the workstation where it was detected.

See also

Getting started with Kaspersky Endpoint Security

Configuring the proxy server connection

Managing stand-alone IOC scanning tasks

Configuring the integration of Kaspersky Endpoint Security with Kaspersky Sandbox

Configuring Quarantine settings

Configuring data synchronization with the Administration Server

Monitoring the results of sending objects for scanning by Kaspersky Sandbox and running IOC scanning tasks

In this Help section

Configuring Threat Response actions

Configuring the running of IOC scanning tasks

Page top