Configuring custom integrations

You can respond to alerts and incidents via external systems by launching third-party scripts on remote client devices. To enable this option, you have to configure the environment and integration between Kaspersky Next XDR Expert and the script launch service.

To configure environment for launching third-party custom scripts, you must:

• Set a device on which the third-party custom script is launched.
• Configure integration between Kaspersky Next XDR Expert and the script launch service.
• Create a playbook that will be used to launch the script.

It is the customer who provides access to third-party custom scripts and updates the scripts.

To configure integration between Kaspersky Next XDR Expert and the script launch service:

1. In the main menu, go to Settings → Tenants.

   The list of tenants is displayed on the screen.

2. Click the name of the required tenant.

   The tenant's properties window opens.

3. Go to the Settings tab, and then in the Custom integration section:
   • Turn on the Custom integration toggle button.
   • In the Remote host verification section, turn on the Verify the host before connecting toggle button, and then fill in the Public key field to enable verification of a client device in Kaspersky Next XDR Expert.
   • In the Remote host connection section, do the following:
     • Fill in the IP address or host name and Ports fields.
     • Select an SSH authentication method that will be used to establish a secure connection with a remote device:
       • User name and password. If you select this authentication method, at the next step you must enter the user name and password.
       • SSH key. If you select this authentication method, at the next step you must enter the user name and SSH key.
     • Click the Add data button.
4. In the window that opens, enter the required data, and then click the Save button.

   If you want to edit the data you saved, click the Replace button, enter new data in the window that opens, and then save the edits.

   To ensure that the connection is established successfully, click the Check connection button. The result is displayed in the Connection status parameter.

5. Click the Save button to save the settings.

Integration between Kaspersky Next XDR Expert and the script launch service is configured. You can perform response actions on remote devices by launching playbooks.