Kaspersky Anti Targeted Attack Platform Interface

The program is managed through the web interface. Sections of the program web interface differ depending on the role of the user: Administrator or Senior security officer / Security officer.

The window of the program web interface contains the following items:

• Sections in the left part and in the lower part of the program web interface window.
• Tabs in the upper part of the program web interface window for certain sections of the program.
• The workspace in the lower part of the program web interface window.

Sections of the program web interface window

The program web interface that is available to users with the Senior security officer and Security officer roles provides the following sections:

• Dashboard. Contains Kaspersky Anti Targeted Attack Platform Monitoring data.
• Alerts. Contains information about alerts in your organization's network.
• Threat Hunting. Contains information about events detected on hosts of your organization.
• Tasks. Contains information about tasks that you can use to manage files and applications on hosts.
• Prevention. Contains information about policies that you can use to manage preventions of files running on selected hosts.
• User rules: TAA, IDS, IOC, and YARA. Contains information for managing user-defined rules.
• Storage: Files, and Quarantine Contains information for managing objects in quarantine and Storage.
• Endpoint Agents. Contains information about managing the Kaspersky Endpoint Agent program and viewing data.
• Reports: Generated Reports and Templates. Contains a report builder and a list of generated reports about alerts.
• Settings: IOC scanning schedule, Endpoint Agents, KPSN reputation database, Notifications, VIP status, White lists, Passwords to archives, and License. Contains information on the IOC scan schedule, and the settings for publishing objects in KPSN and assigning the VIP status to alerts based on information contained in alerts, the white list and IDS and TAA (IOA) rules excluded from scanning, passwords of archives, and added keys.

Workspace of the program web interface window

The workspace displays the information you choose to view in the sections and on the tabs of the program web interface window. It also contains control elements that you can use to configure how the information is displayed.

See also Selecting an organization to manage in the web interface of the program Monitoring program operation Table of alerts Filtering, sorting, and searching alerts Viewing alerts Recommendations for processing alerts User actions performed on alerts Events database threat hunting Event information Managing Kaspersky Endpoint Agent host information Network isolation of Kaspersky Endpoint Agent hosts Managing tasks Managing policies (prevention rules) Managing user-defined rules Managing objects in Storage and Quarantine Managing reports Sending notifications Managing rules for assigning the VIP status to alerts Managing the white list of objects Managing IDS exclusions Managing TAA exclusions Creating a list of passwords for archives

Page top