Threat detection

Open Single Management Platform uses alerts and incidents as work items that are to be processed by analysts.

The Alerts and Incidents sections are displayed in the main menu if the following conditions are met:

• You have a license key for Kaspersky Next XDR Expert.
• You are connected to the root Administration Server in OSMP Console.
• You have one of the following XDR roles: Main administrator, Tenant administrator, Junior analyst, Tier 1 analyst, Tier 2 analyst, SOC manager, Interaction with NCIRCC, Approver, Observer.

In this section Working with alerts Working with incidents Configuring the retention period of alerts and incidents Viewing asset details

Page top