Kaspersky Next allows you to detect and root out advanced attacks, perform root-cause analysis with a visualized threat development chain graph, and drill down to details for further review.
This feature is available only if you activated Kaspersky Next under a Kaspersky Next EDR Foundations license.
If you activated Kaspersky Next under a Kaspersky Next EDR Optimum or XDR Expert license, you have access to the full-fledged Endpoint Detection and Response.
To use this feature, you need Kaspersky Endpoint Security 11.8 for Windows or later.
Root-Cause Analysis detects threats in the following types of objects:
You can start using the Root-Cause Analysis feature when you start Kaspersky Next Management Console for the first time or after Kaspersky Next is upgraded to a new version. If you did not start using Root-Cause Analysis during the initial or additional setup of Kaspersky Next, you can do it later.
The Root-Cause Analysis widget and table display detections that occur on your users' devices and allow you to investigate a threat development chain graph for each detection. The widget shows up to 10 detections and the table shows up to 1000 detections.
From the Root-Cause Analysis table, you can export information about all of the current detections to a CSV file.
If you want to stop using the feature, you can disable it and later enable it again.
Page top