Limited compatibility with Kaspersky Endpoint Security for Linux

Limited compatibility of Kaspersky Endpoint Security for Linux versions with Kaspersky Anti Targeted Attack Platform versions

• Integration of Kaspersky Endpoint Security 11.4 with Kaspersky Anti Targeted Attack Platform 5.1–6.1.

  The scope of data sent by Kaspersky Endpoint Security is limited:

  • Creation of network isolation rules is not supported.
  • Creation of prevention rules is not supported.
  • Searching for indicators of compromise on computers using IOC files is not supported.
  • Only events of the following types are transmitted: Process started, File changed, System event log, Detection, Detection processing result.
  • Only the following tasks can be used: Get file, Run application.
• Integration of Kaspersky Endpoint Security 12, 12.1 with Kaspersky Anti Targeted Attack Platform 5.1.

  The scope of data sent by Kaspersky Endpoint Security is limited:

  • Creation of prevention rules is not supported.
  • Only events of the following types are transmitted: Process started, File changed, System event log, Detection, Detection processing result.
  • Only the following tasks can be used: Get file, Run application, Delete file, Kill process.
• Integration of Kaspersky Endpoint Security 12, 12.1 with Kaspersky Anti Targeted Attack Platform 6.0–7.1.

  The scope of data sent by Kaspersky Endpoint Security is limited:

  • Only events of the following types are transmitted: Process terminated, Blocked application (prevention rule), Document blocked.
  • Only the following tasks can be used: Get file, Run application, Delete file, Kill process.
• Integration of Kaspersky Endpoint Security 12.2, 12.3 with Kaspersky Anti Targeted Attack Platform 6.0, 6.1.

  The scope of data sent by Kaspersky Endpoint Security is limited:

  • Only events of the following types are transmitted: Process terminated, Blocked application (prevention rule), Document blocked.
  • Only the following tasks can be used: Get file, Run application, Delete file, Kill process, Quarantine file, Restore file from quarantine.
• Integration of Kaspersky Endpoint Security 12.2, 12.3 with Kaspersky Anti Targeted Attack Platform 7.0–7.1.

  The scope of data sent by Kaspersky Endpoint Security is limited:

  • Only events of the following types are transmitted: Process terminated, Blocked application (prevention rule), Document blocked, Code injection, DNS.
  • Only the following tasks can be used: Get file, Run application, Delete file, Kill process, Quarantine file, Restore file from quarantine.

Page top