Inviting new users in MDR Web Console

Expand all | Collapse all

To invite a new user to Kaspersky Managed Detection and Response:

If your previously created Kaspersky Account (i.e. your email) has previously been used to access Kaspersky Managed Detection and Response, it may be associated with another organization's MDR data and can be unavailable to apply a new activation code. To use your existing Kaspersky Account for the new activation, contact Technical Support.
Please note: when Technical Support staff remove the association of your existing Kaspersky Account with another organization's data in MDR, your existing Kaspersky Account can no longer be used to access the other organization's data for which it was previously used.

1. In the MDR Web Console window, navigate to the Settings menu item.

   The user list opens.

2. Click the Add button located above the user list.

   The invitation card appears.

3. In the Email field, specify an email address.
4. In the User role field, specify a role for the new user.

   The following user roles are available:

   • MDR Administrator

     The superuser who has access to all Kaspersky Managed Detection and Response functions granted by the license. The MDR Administrator can grant access to client data sources to other users. When you activate Kaspersky Managed Detection and Response, you become the MDR Administrator automatically, which is why we recommend using a corporate email address for the activation process instead of a personal email address. Having the MDR Administrator created with a personal email address can pose security risks, such as theft of the MDR Administrator account.

     In Kaspersky Security Center, this role corresponds to the following access rights:

     Functional area	Allow	Deny
     Incident access
     Auto-accept settings
     Response management
     Tenant management
     Incident summary scheduling
     REST API access

     Only a user with the MDR Administrator role assigned can assign the MDR Administrator role to a new user.

   • Senior Security Officer

     An employee who has access to the Kaspersky Managed Detection and Response functions granted by the license, but who does not have access to the REST API. The Senior Security Officer has the right to accept and reject responses.

     Incident response is a structured methodology for handling security incidents, breaches, and cyberthreats.

     In Kaspersky Security Center, this role corresponds to the following access rights:

     Functional area	Allow	Deny
     Incident access
     Auto-accept settings
     Response management
     Tenant management
     Incident summary scheduling
     REST API access

   • Security Officer

     An employee who has access to the Kaspersky Managed Detection and Response functions granted by the license, but who does not have access to the REST API. The Security Officer cannot accept and reject responses.

     In Kaspersky Security Center, this role corresponds to the following access rights:

     Functional area	Allow	Deny
     Incident access
     Auto-accept settings
     Response management
     Tenant management
     Incident summary scheduling
     REST API access

5. If necessary, select the value (or values) in the Tenant drop-down list.

   Tenants that already exist in Console and have the Root tenant value are suggested.

   The user can view only the assets and incidents related to the specified tenants. If you have assets and incidents not assigned to any tenants, the user can view them if you select the Root tenant value.

   You can select the Root tenant value, in addition to specifying tenant names.

6. Click Invite.

   The invitation card disappears.

   Enter the email address. The email address must first be registered and verified on the auth.hq.uis.kaspersky.com web portal.

A message with the invitation link is sent from noreply@mail.account.uis.kaspersky.com to the specified email address.

The invited user must verify his or her email address by following the link from the message. The user cannot log in and use Kaspersky Managed Detection and Response until their email is verified. Permissions corresponding to the user role will be granted after the first login of the user.

Page top