Managed Detection and Response
Kaspersky Endpoint Security for Windows supports integration with the Managed Detection and Response solution. The Kaspersky Managed Detection and Response (MDR) solution automatically detects and analyzes security incidents in your infrastructure. To do so, MDR uses telemetry data received from endpoints and machine learning. MDR sends incident data to Kaspersky experts. The experts can then process the incident and, for example, add a new entry to Anti-Virus databases. Alternatively, the experts can issue recommendations on processing the incident and, for example, suggest isolating computer from the network. For detailed information about how the solution works, please refer to the Kaspersky Managed Detection and Response Help.
Managed Detection and Response settings
Parameter | Description |
|---|---|
MDR configuration file | The BLOB file contains the client ID and information about the license for Kaspersky Managed Detection and Response. The BLOB file is located inside the ZIP archive of the MDR configuration file. You can obtain the ZIP archive in the Kaspersky Managed Detection and Response Console. For detailed information about a BLOB file, please refer to the Kaspersky Managed Detection and Response Help. If you have Kaspersky Endpoint Security 12.4 or later deployed, a configuration file is not necessary. The application automatically detects KSN servers to send telemetry to without using a configuration file. To activate Managed Detection and Response, you must add a key. |
