For security officers: Getting started with the application web interface

This section is intended for specialists who are in charge of providing data security within an organization. It contains information and instructions on configuring resources for the security of a corporate IT infrastructure and timely detection of threats.

The application allows multiple security officers to work together.

In this Help section

Kaspersky Anti Targeted Attack Platform Interface

Selecting a tenant to manage in the web interface of the application

Monitoring the performance of the application

Viewing the alert table

Configuring the alert table display

Filtering, sorting, and searching alerts

Recommendations for processing alerts

Viewing alerts

User actions performed on alerts

Events database threat hunting

Event information

Event chain scanning by Kaspersky TAA (IOA) rules

Managing Endpoint Agent host information

Network isolation of hosts with the Endpoint Agent component

Automatically sending files from Kaspersky Endpoint Agent hosts to be scanned by the Sandbox component in accordance with Kaspersky TAA (IOA) rules

Selecting operating systems to use when scanning objects in Sandbox

Managing tasks

Managing policies (prevention rules)

Managing user-defined rules

Managing objects in Storage and Quarantine

Managing reports

Managing rules for assigning the VIP status to alerts

Managing the list of scan exclusions

Managing IDS exclusions

Managing TAA exclusions

Managing ICAP exclusions

Creating a list of passwords for archives

Viewing server settings

Viewing the table of servers with the Sandbox component

Viewing the settings of the set of operating systems used for scanning objects in Sandbox

Viewing the table of servers with the Sensor component

Managing raw network traffic

Viewing the table of external systems

Viewing information about files that have sent for scanning to the Kaspersky Anti Targeted Attack Platform

Page top