Data on objects in Storage and quarantine
8 November 2023
ID 247487
Objects in Storage and quarantine may contain user data. Information about objects in Storage and about copies of objects quarantined on computers with Kaspersky Endpoint Agent using the Get file tasks is stored indefinitely on the Central Node server in the /data/var/lib/kaspersky/storage/pgsql/10/data/ directory.
Kaspersky Anti Targeted Attack Platform resources provide no capability to restrict the rights of the users of servers and operating systems to which the Central Node component is installed. The administrator is advised to use any system resources at their own discretion to control how the users of servers and operating systems with the application installed may be granted access to the personal data of other users.
Data on objects in Storage and quarantine may contain the following information:
- Name of the object.
- Path to the object on the computer with Kaspersky Endpoint Agent.
- MD5 and SHA256 hash of the file.
- ID of the user who quarantined the object on the computer with Kaspersky Endpoint Agent.
- ID of the user who placed the object in Storage.
- IP address of the computer on which the quarantined object is stored.
- Name of the computer on which the quarantined object is stored.
- Unique ID of the computer on which the quarantined object is stored in Storage.
- ID of the TAA (IOA) rule by which the alert was generated.
- Category of the detected object.
- Results for the object scanned using individual modules and technologies of the application.
