Kaspersky Managed Detection and Response users can have different roles, with a different functionality available for each role. The role model is a set of rules that specify user roles.
The following roles are present in Kaspersky Managed Detection and Response:
The superuser who has access to all Kaspersky Managed Detection and Response functions granted by the license. The MDR Administrator can grant access to client data sources to other users. When you activate Kaspersky Managed Detection and Response, you become the MDR Administrator automatically, which is why we recommend using a corporate email address for the activation process instead of a personal email address. Having the MDR Administrator created with a personal email address can pose security risks, such as theft of the MDR Administrator account.
In Kaspersky Security Center, this role corresponds to the following access rights:
An employee who has access to the Kaspersky Managed Detection and Response functions granted by the license, but who does not have access to the REST API. The Senior Security Officer has the right to accept and reject responses.
Incident response is a structured methodology for handling security incidents, breaches, and cyberthreats.
In Kaspersky Security Center, this role corresponds to the following access rights:
An employee who has access to the Kaspersky Managed Detection and Response functions granted by the license, but who does not have access to the REST API. The Security Officer cannot accept and reject responses.
In Kaspersky Security Center, this role corresponds to the following access rights: