Kaspersky Endpoint Detection and Response Expert users can have different roles, with a different set of rights available for each role. The following pre-defined roles are present in Kaspersky EDR Expert:
A superuser who is in charge of installation, configuration and performance of the solution. You must be the Main Administrator to activate Kaspersky Endpoint Detection and Response Expert. The Main Administrator has access to all Kaspersky EDR Expert functions. In contrast to the Senior Security Analyst role, the Main Administrator has permissions to do the following:
Manage user accounts.
Manage roles and user access rights.
Add, change, or delete activation keys.
This page provides more information about the Main Administrator role in Kaspersky Security Center Cloud Console.
An IT Security specialist who investigates incidents and manages custom IOA rules which define IT security alerts. The Senior Security Analyst role gives the right to manage responses and tasks.
The Senior Security Analyst has full access to Kaspersky EDR Expert functions including alerts, incidents, custom IOA rules, and threat hunting. User management and role management are unavailable.
If the pre-defined roles do not meet the specific needs of your organization, you can create your own custom roles.