Viewing alerts

The web interface of Kaspersky Anti Targeted Attack Platform displays the following types of alerts that the user should keep track of:

If a file was detected, the following information may be displayed in the application web interface depending on which application modules or components generated the alert:

If a website link was detected, the following information may be displayed in the application web interface depending on which application modules or components generated the alert:

If the application detects network activity of the IP address or domain name of a computer on a corporate LAN, the application web interface may display the following information:

If the application detects processes running on a corporate LAN computer where the Endpoint Agent component is installed, the application web interface can display the following information:

Alerts can be managed by users with the following roles: Security officer and Senior security officer. Users with the Security auditor role can view alerts.

In this section

Viewing alert details

General information about an alert of any type

Information in the Object information section

Information in the Alert details section

Information in the Information about scanning using NDR technologies section

Information in the Scan results section

Information in the IDS rule section

Information in the URL section

Information in the IP addresses of detection-related devices section

Information in the Network event section

Scan results in Sandbox

IOC scan results

Information in the Hosts section

Information in the Change log section

Sending alert data

Viewing alert relations

Page top