Enabling Anomaly Detection using Sigma Rules

To enable Anomaly Detection using Sigma rules:

1. In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
2. Click the name of the Kaspersky Industrial CyberSecurity for Nodes policy.

   The policy properties window opens.

3. Select the Application settings tab.
4. In the Anomaly Detection using Sigma rules section, select the Enable Anomaly Detection using Sigma rules check box.
5. Add one or more collections of Sigma rules.
6. Click the Save button.

   Kaspersky Industrial CyberSecurity for Nodes will search for anomalies using the enabled collections of Sigma rules.

Page top