Setting access rights
March 20, 2024
ID 221352
You must set access rights for every user of Kaspersky Security Center Cloud Console who will use Kaspersky Endpoint Detection and Response Expert. Access rights depend on the actions that you want the users to perform.
To set access rights:
- In Kaspersky Security Center Cloud Console, go to the USERS & ROLES → ROLES section and create a new role. For details on how to create roles, refer to Kaspersky Security Center Cloud Console Online Help.
- On the ACCESS RIGHTS tab of a new role, grant the Allow access right for the following functional areas (the table below shows access rights of Senior Security Analyst):
Access rights to application features
Functional area
Rights
User action: right required to perform the action
Kaspersky Endpoint Detection and Response Expert functional areas
EDR integration
Read
Write
View and revoke consent with the terms of using the solution: Read, Write
View consent with the terms of using the solution: Read
Threat hunting
Execute
Work with the threat-hunting functionality: Execute
Custom IOA rule management
Read
Write
View custom IOA rules: Read
Create and edit custom IOA rules: Write
Create and edit exclusions from Kaspersky IOA rules: Write
IOA exclusions
Read
WriteView exclusions from the Kaspersky IOA rules: Read
Create exclusions from the Kaspersky IOA rules from event details and alert details: Write
Edit and delete exclusions from the Kaspersky IOA rules: Write
Incident Response Platform functional areas
Alerts and incidents
Read
Write
View alerts and incidents: Read
Edit alerts and incidents: Write
Kaspersky Security Center Administration Server functional areas
General features: Basic functionality
Read
Write
The user is allowed to perform the actions that require Write access right and are listed in the General features: Basic functionality functional area in Kaspersky Security Center Cloud Console Online Help.
- Assign the created role to the users who will use Kaspersky EDR Expert.
The access rights are set.
