Kaspersky Anti Targeted Attack Platform Interface

The application is managed through the web interface. Sections of the application web interface differ depending on the role of the user: Administrator or Senior security officer / Security officer / Security auditor.

The window of the application web interface contains the following:

• Sections in the left part and in the lower part of the application web interface window.
• Tabs in the upper part of the application web interface window for certain sections of the application.
• The workspace in the lower part of the application web interface window.

Sections of the application web interface window

The application web interface provides the following sections for users with the Senior security officer, Security officer, and Security auditor roles:

• Dashboard. Contains Kaspersky Anti Targeted Attack Platform Monitoring data.
• Alerts Contains information about alerts in the network of the tenant to which you have access.

  An individual organization or branch office of an organization to which the Kaspersky Anti Targeted Attack Platform solution is being provided.

• Threat Hunting. Contains information about events found on hosts of the tenant to which you have access.
• Tasks. Contains information about tasks that you can use to manage files and application on hosts.
• Prevention. Contains information about policies that you can use to manage preventions of files running on selected hosts.
• Custom rules: TAA, IDS, IOC, and YARA. Contains information for managing user-defined rules.
• Storage: Files, and Quarantine. Contains information for managing objects in quarantine and Storage.
• Endpoint Agents. Contains information about computers with the Kaspersky Endpoint Agent component and their settings.
• Reports: Generated Reports and Templates. Contains a report builder and a list of generated reports about alerts.
• Settings: IOC scanning schedule, Endpoint Agents, KPSN reputation database, Notification rules, VIP status, Exclusions, Passwords for archives, and License. Contains information on the IOC scan schedule, and the settings for publishing objects in KPSN and assigning the VIP status to alerts based on information contained in alerts, the list of allowed objects, and IDS and TAA (IOA) rules excluded from scanning, passwords of archives, and added keys.

Workspace of the application web interface window

The workspace displays the information you choose to view in the sections and on the tabs of the application web interface window. It also contains control elements that you can use to configure how the information is displayed.