An event in the organization's IT infrastructure that was marked as unusual or suspicious and that may pose a threat to the security of the organization's IT infrastructure.
A device with an installed Kaspersky EPP application (for example, Kaspersky Endpoint Security for Windows).
An integrated system of complex protection for endpoint devices (for example, mobile devices, computers, or laptops) that includes various security technologies. An example of an Endpoint Protection Platform is Kaspersky Endpoint Security for Business.
An application included in a protection system for endpoint devices (Endpoint Protection Platform, or EPP). EPP applications are installed on endpoint devices within the IT infrastructure of an organization (for example, mobile devices, computers, or laptops). An example of an EPP application is Kaspersky Endpoint Security for Windows, as part of the EPP solution Kaspersky Endpoint Security for Business.
Any significant occurrence in the system, an application or managed devices that requires a user to be notified.
An activity evaluated as critical by the detection technology and which requires immediate reaction from Kaspersky Endpoint Detection and Response.
An indicator of attack (or IOA) is the description of suspicious behavior of objects in an organization's IT infrastructure, which can be a sign of attack targeted at this organization.
A rule containing the description of a suspicious activity in the system that could be a sign of a targeted attack.
An indicator of compromise (or IOC) shows the evidence on a device that points to a security breach.
The objective that an attacker wanted to achieve during a cyber attack on the Client infrastructure.
The method used by the attacker to perform malicious actions during a cyberattack on the Client infrastructure. Each MITRE tactic contains an array of MITRE techniques.
Incident response is a structured methodology for handling security incidents, breaches, and cyberthreats.
Data that is sent from assets to Kaspersky Endpoint Detection and Response.
A tenant is an organization to which you supply Kaspersky Endpoint Detection and Response.
Page top