Glossary

March 20, 2024

ID 95897

Alert

An event in the organization's IT infrastructure that was marked as unusual or suspicious and that may pose a threat to the security of the organization's IT infrastructure.

Asset

A device with an installed Kaspersky EPP application (for example, Kaspersky Endpoint Security for Windows).

Endpoint Protection Platform (EPP)

An integrated system of complex protection for endpoint devices (for example, mobile devices, computers, or laptops) that includes various security technologies. An example of an Endpoint Protection Platform is Kaspersky Endpoint Security for Business.

EPP application

An application included in a protection system for endpoint devices (Endpoint Protection Platform, or EPP). EPP applications are installed on endpoint devices within the IT infrastructure of an organization (for example, mobile devices, computers, or laptops). An example of an EPP application is Kaspersky Endpoint Security for Windows, as part of the EPP solution Kaspersky Endpoint Security for Business.

Event

Any significant occurrence in the system, an application or managed devices that requires a user to be notified.

Incident

An activity that the detection technology evaluates as critical and that requires an immediate reaction from Kaspersky Endpoint Detection and Response.

IOA

An indicator of attack (or IOA) is a description of suspicious behavior of objects in an organization's IT infrastructure, which can be a sign of an attack targeted at this organization.

IOA rule

A rule containing the description of a suspicious activity in the system that could be a sign of a targeted attack.

IOC

An indicator of compromise (or IOC) is evidence on a device that points to a security breach.

MITRE tactic

The objective that an attacker wanted to achieve during a cyberattack on the Client infrastructure.

MITRE technique

The method used by the attacker to perform malicious actions during a cyberattack on the Client infrastructure. Each MITRE tactic contains an array of MITRE techniques.

Response

Incident response is a structured methodology for handling security incidents, breaches, and cyberthreats.

Telemetry

Data that is sent from assets to Kaspersky Endpoint Detection and Response.

Tenant

A tenant is an organization to which you supply Kaspersky Endpoint Detection and Response.
