Areas of responsibility
Kaspersky Managed Detection and Response usage involves users processing incidents with support of Kaspersky experts. Additionally, Kaspersky Technical Support handles solution-related issues.
The table below shows areas of responsibility for users, Kaspersky experts and Kaspersky Technical Support.
Task |
Kaspersky experts |
Kaspersky Technical Support |
MDR users |
Activating MDR, deploying MDR, managing assets, setting up notifications, managing users, terminating the use of MDR. |
- |
Consult |
Perform the task |
- |
Consult |
Perform the task |
|
Detecting, investigating, issuing response recommendations for incidents based on telemetry data |
Perform the task |
- |
Receive information |
Clarifying details during investigation, answering questions from Kaspersky experts for better response recommendations |
Receive information |
- |
Perform the task |
Creating requests to use tools and capabilities of MDR to handle incidents |
Perform the task |
- |
Receive information |
Coordinating requests to use tools and capabilities of MDR to handle incidents |
Receive information |
- |
Perform the task |
Performing tasks outside functional capabilities of MDR |
Consult |
- |
Perform the task |
Manually creating an incident (it is important to choose an MDR asset and describe the incident in detail) |
Receive information |
- |
Perform the task |
Handling issues with Kaspersky infrastructure components that affect MDR |
Receive information |
Consult |
Perform the task |
Managing detection rules |
Perform the task |
- |
- |