Kaspersky Managed Detection and Response

Setting access rights in Kaspersky Security Center

February 12, 2024

ID 213206

You must set access rights for every user of Kaspersky Security Center Web Console or Kaspersky Security Center Cloud Console who will use MDR functions in Kaspersky Security Center. Access rights depend on the actions that you want users to be able to perform.

You can create MDR roles with predefined access rights automatically by clicking the link in the first step on the Getting Started tab of MDR section in Kaspersky Security Center.

To set access rights:

  1. In Kaspersky Security Center, go to the Users & rolesRoles section, then and create a new role. For details on how to create roles, refer to Kaspersky Security Center Online Help or Kaspersky Security Center Cloud Console Online Help.
  2. On the Access rights tab of a new role, set the Allow right for the following functional areas:
    • Application Integration

      Permits users to configure interaction between Kaspersky Security Center and another Kaspersky application or solution.

      It is required to set the Allow access right for the Application Integration functional area for users who manage MDR Plug-in. This access right grants users rights to activate, configure, use, and terminate the use of Kaspersky Managed Detection and Response.

    • Incident access

      It is required to set the Allow access right for the Incident access functional area for users to have access to the MDR section in Kaspersky Security Center. If the Incident access functional area has the Deny access right set, users can see only the Getting started tab of the MDR section in Kaspersky Security Center.

    • Tenant management

      Permits users to create, view, and edit tenants.

    • REST API access

      Permits users to manage Kaspersky Managed Detection and Response through the REST API.

    The following table shows the minimum set of access rights.

    Minimum set of access rights

    Functional area

    Allow

    Deny

    Application Integration

    no(new)

    yes_icon

    Incident access

    yes_icon

    no(new)

    Auto-accept settings

    no(new)

    yes_icon

    Response management

    no(new)

    yes_icon

    Tenant management

    no(new)

    yes_icon

    Incident summary scheduling

    no(new)

    yes_icon

    REST API access

    no(new)

    yes_icon

  3. Assign the created role to all users who will use MDR functions in Kaspersky Security Center.

The access rights are set.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.