Auto-accepting responses in MDR Web Console
You can enable auto-acceptance of the offered responses. In this case, the actions offered within responses, for example, deleting an infected file, will be performed automatically. When this feature is disabled, the measures offered within responses need to be accepted or rejected manually.
If you use tenants, you can enable the auto-acceptance of responses for all tenants or only for the tenants that you select. If you do not use tenants, you enable or disable this feature for your current organization.
To enable auto-acceptance of responses:
- In the MDR Web Console window, navigate to the Settings menu item.
- Click the Incidents tab.
- Select one of the following options:
- Enabled for all tenants
When this option is selected, the auto-acceptance of responses is enabled both for the existing and newly created tenants.
- Enabled for the tenants selected below
Select the tenants for which you want to enable the auto-acceptance of responses. For newly created tenants, the auto-acceptance of responses is disabled by default.
- Enabled for all tenants
- Click the Save button.
Auto-acceptance of responses is enabled and the actions offered within responses will be performed automatically for all tenants or the tenants that you selected. You can disable this option at any time.
Access rights to view or change the auto-acceptance settings
The user roles of Kaspersky Managed Detection and Response have the following access rights to the auto-acceptance settings:
Operation |
MDR Administrator |
Senior Security Officer |
Security Officer |
|---|---|---|---|
Access the Incidents tab |
|
|
|
Change the currently selected option |
|
|
|
View the currently selected option |
|
|
|
Enable auto-acceptance for all tenants |
|
|
|
Enable auto-acceptance for specific tenants |
|
(only for the tenants the user has access to) |
|
View the auto-acceptance setting of a specific tenant |
|
(only for the tenants the user has access to) |
|
