Kaspersky Endpoint Security is an application that is installed on individual devices in the corporate IT infrastructure. The application continuously monitors processes running on those devices, active network connections, and files that are being modified. Information about events on the computer (telemetry) is sent to the Kaspersky Anti Targeted Attack Platform server. Kaspersky Endpoint Security also sends information about threats detected by the application and information about the results of processing these threats to the Kaspersky Anti Targeted Attack Platform server.
When the integration of Kaspersky Endpoint Security with Kaspersky Anti Targeted Attack Platform is configured, the application runs tasks, applies parameters coming from Kaspersky Anti Targeted Attack Platform, and sends telemetry from the protected device to the KATA Central Node server. For more details about what Kaspersky Endpoint Security can do when integrated with Kaspersky Anti Targeted Attack Platform, see the Operating principle of the application section.
For details about managing Kaspersky Endpoint Security, see the Online Help of the application:
To integrate with Kaspersky Anti Targeted Attack Platform, in addition to the Kaspersky Endpoint Security activation key, you must also add the Kaspersky Endpoint Detection and Response (KATA) Add-on key. For details on application licensing, see Kaspersky Endpoint Security Online Help → Integration with EDR (KATA).