Data on detected threats

Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

Interaction with external systems via API

API that external systems can use to receive information about application alerts

Scope of transmitted data

Data on detected threats

8 November 2023

ID 181470

The scope of transmitted data on detected threats depending on the technology that was used to generate the alert is listed in the table below.

Data on detected threats

Technology	Parameter	Description	Data type	Example
One of the following technologies: Anti-Malware Engine. YARA. Intrusion Detection System.	`detect`	List of detected threats.	Array	`HEUR:Trojan.Win32.Generic, Trojan-DDoS.Win32.Macri.avy, UDS:DangerousObject.Multi.Generic`
	`dataBaseVersion`	Version of databases used to scan the file.	Integer	`201811190706`
Sandbox	`detect`	List of detected threats.	Array	`HEUR:Trojan.Win32.Generic, Trojan-DDoS.Win32.Macri.avy, UDS:DangerousObject.Multi.Generic`
	`image`	Name of the virtual machine image where the file was scanned.	String	`Win7`
	`dataBaseVersion`	Database version in the following format: `<version of the application databases which were used to scan the file> / <version of the IDS module databases>`.	Integer	`201902031107/ 201811190706`
URL Reputation	`detect`	List of URL Reputation categories for the detected object (for objects of type `URL` or `host`).	Array	`Phishing host, Malicious host, Botnet C&C(Backdoor.Win32.Mokes)`

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.