Detection and Response management commands

You can use the command line to manage built-in functionality of Detection and Response solutions (for example, Kaspersky Sandbox or Kaspersky Endpoint Detection and Response Optimum). You can manage Detection and Response solutions if management using the Kaspersky Security Center console is not possible. You can view the list of commands for managing the application by running the HELP command. To read about the syntax of a specific command, enter HELP <command>.

To manage built-in features of Detection and Response solutions using the command line:

  1. Run the command line interpreter (cmd.exe) as an administrator.
  2. Go to the folder where the Kaspersky Endpoint Security executable file is located.
  3. Use the following template to execute the command:

    avp.com <command> [options]

As a result, Kaspersky Endpoint Security will execute the command.

In this section

SANDBOX. Managing Sandbox

PREVENTION. Managing Execution prevention

ISOLATION. Managing Network isolation

RESTORE. Restoring files from Quarantine

IOCSCAN. Scan for indicators of compromise (IOC)

MDRLICENSE. MDR activation

EDRKATA. Integration with EDR (KATA)

YARA. Running YARA Scan

TELEMETRYFILTERS. Filtering events to be sent to KUMA

Page top