You must set access rights for every user of Kaspersky Security Center Cloud Console who will use Kaspersky Endpoint Detection and Response Expert. Access rights depend on the actions that you want the users to perform.
To set access rights:
Access rights to application features
Functional area |
Rights |
User action: right required to perform the action |
Kaspersky Endpoint Detection and Response Expert functional areas |
||
EDR integration |
Read Write |
View and revoke consent with the terms of using the solution: Read, Write View consent with the terms of using the solution: Read |
Threat hunting |
Execute |
Work with the threat-hunting functionality: Execute |
Custom IOA rule management |
Read Write |
View custom IOA rules: Read Create and edit custom IOA rules: Write Create and edit exclusions from Kaspersky IOA rules: Write |
IOA exclusions |
Read |
View exclusions from the Kaspersky IOA rules: Read Create exclusions from the Kaspersky IOA rules from event details and alert details: Write Edit and delete exclusions from the Kaspersky IOA rules: Write |
Incident Response Platform functional areas |
||
Alerts and incidents |
Read Write |
View alerts and incidents: Read Edit alerts and incidents: Write |
Kaspersky Security Center Administration Server functional areas |
||
General features: Basic functionality |
Read Write |
The user is allowed to perform the actions that require Write access right and are listed in the General features: Basic functionality functional area in Kaspersky Security Center Cloud Console Online Help. |
The access rights are set.
Page top