Viewing information about a detected threat and response actions
To view all information about a detected threat and perform appropriate threat response actions, you can use the alert details window, which contains:
- Threat development chain graph
- Recommendations for responding to the threat with the UI for performing the chosen action
- General information about the threat detection (for example, the detection mode)
- Information about the protected device
- Information about the detected object
- History of files appearing on the device
- Information about the threat response actions performed by the application
In the alert details window, you can perform the following response actions:
- Isolate the device on which the threat was detected
- Quarantine file
- Create an IOC Scan task
The storage period for the alert details is 30 days. After this time expires, old entries are automatically deleted.
For more details about managing alert details, refer to the Kaspersky Endpoint Detection and Response Optimum Help.
Page top