[KSCCC and SIEM [MOVED]]

Hello,

Can someone tell me if KSC Cloud Console 12 can export logs to a SIEM ?

I know that KSC can but not sure for the KSCCC.

Thanks

[Kaspersky EDR / Sandbox]

Thanks for your answers !

Some points still not clear for me :

• isn’t the result of a Sandbox sent to KSN, KTIP or other public Cloud services ?
• Regarding the synchronous/Asynchronous mode, may I understand that the synchronous one is when KEA requests the cache of the Sandbox and then the file is suspended from running until the result ? And Asynchronous is if no cache answer then KEA pushes file to Sandbox for emulation and file is running on the client until the sandboxing result. Is that correct ?

Rgds

[Kaspersky EDR / Sandbox]

Hello,

Working on EDR (Optimum/Sandbox) and still have some questions :

• When the Sandbox gives a result on a file (good or bad), where this information is pushed ? SIEM, KSN, KTIP, Others ? Is this pushed by the Sandbox itself or the Sandbox sends the information to the KSC to push it everywhere, Sandbox to KEA to KES to KSC to everywhere ?
• I still don’t understand when the Sandbox use the synchronous and asynchronous mode for the emultation.. Can someone explain me ?
• KEA agent for EDR/Sandbox seems to be compatible with Linux now (KES). Does someone know where I can find this information ?
• EDR can be managed by KSC ou KSC Cloud Console. Are there differences between the 2 console for the EDR capabilities ?

Thanks in advance for your help.