
How to generate test alerts for the security and data discovery modules of Kaspersky Security for Microsoft Office 365



S3curity_Support
Posted (edited)

Hello

Please could you help me by telling me how to generate detections for the different modules of Kaspersky Security for Microsoft Office 365, including data discovery? I am currently testing the product and I want to be able to show all the capabilities of the product. Despite having protection enabled for all users, SharePoint sites and mailboxes, the only test that has shown detection of malicious elements is the sending of the EICAR file between Exchange Online accounts. I have added data supported by the data discovery module, such as social security numbers, but I cannot get the module to identify it and notify me or appear in the report. I want to be able to show detection alerts for each module so that my manager can analyze the operation of the Kaspersky solution. Even if I add the EICAR file to a SharePoint site or share it on OneDrive, it is not detected.

Note: the data entered for the Data Discovery module is from Latin American countries supported by the solution.

https://support.kaspersky.com/KS4MO365/1.2/en-US/214650.htm

 

Thank you, best regards.

Edited by S3curity_Support
Title posted in incorrect language
  • The title was changed to How to generate test alerts for the security and data discovery modules of Kaspersky Security for Microsoft Office 365
  • 3 months later...
Posted (edited)

Hello @S3curity_Support

To generate detections for the various modules of Kaspersky Security for Microsoft Office 365, including the Data Discovery module, follow these steps:

1. Ensure Proper Configuration

  • Check Settings: Make sure that all modules are properly configured in the Kaspersky Security for Microsoft Office 365 dashboard. This includes ensuring that the Data Discovery module is enabled and correctly set up to scan for sensitive data types (like social security numbers).
  • User Permissions: Confirm that the users and services have the necessary permissions to access and scan the relevant SharePoint sites and mailboxes.

2. Testing Data Discovery

  • Create Test Data: Use sample data that matches the criteria set for Data Discovery. For instance, create documents or entries that contain social security numbers or other sensitive information.
  • Upload to SharePoint/OneDrive: Place the test documents in locations that are monitored by Kaspersky, such as SharePoint sites or OneDrive.

3. Generate Alerts for EICAR and Other Tests

  • EICAR File: Since you’ve successfully tested the EICAR file between Exchange Online accounts, continue using it as a benchmark. Upload the EICAR file to SharePoint and OneDrive to see if it triggers any alerts.
  • Malicious URLs: Test with known malicious URLs or phishing attempts to see if the email protection module detects them.

4. Review Logs and Reports

  • Access Reports: After testing, check the Kaspersky Security dashboard for any logs or reports generated from your tests. Look specifically for entries related to Data Discovery and other modules.
  • Notifications: Ensure that notifications are set up correctly in the settings to alert you when detections occur.

5. Fine-Tuning Detection Criteria

  • If certain data types are not being detected, you may need to adjust the detection criteria in the Data Discovery settings to ensure they align with the formats of the data you are testing.

6. Consult Documentation and Support

  • Refer to the Kaspersky support documentation for any specific configurations or troubleshooting steps related to your region's data formats: Kaspersky Support.
  • If problems persist, consider reaching out to Kaspersky support for assistance in diagnosing detection issues.

7. Demonstration to Management

  • Prepare a summary report of your tests, including successful detections and any configurations made. This will help your manager understand the capabilities and limitations of the Kaspersky solution.

By following these steps, you should be able to demonstrate the detection capabilities of Kaspersky Security for Microsoft Office 365 effectively. If you encounter specific issues during testing, please provide details so I can assist further.

Thank You

Edited by KarDip
element console correction
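
Added example (not part of the original posts and not Kaspersky code): a small generator for the "Create Test Data" and "Fine-Tuning Detection Criteria" steps above. It builds a synthetic document with a positive and a negative control for each entry. It assumes one of the data types under test is the Brazilian CPF number and that the Data Discovery module validates check digits; neither is confirmed in this thread, so check the supported data list linked in the first post. All function names and the output file name are hypothetical.

```python
import random

def cpf_check_digits(base9):
    """Compute the two CPF check digits (mod-11 scheme) for a 9-digit base."""
    digits = [int(c) for c in base9]
    for _ in range(2):
        weights = range(len(digits) + 1, 1, -1)      # 10..2, then 11..2
        total = sum(d * w for d, w in zip(digits, weights))
        digits.append((total * 10) % 11 % 10)        # remainder 10 maps to 0
    return digits[9], digits[10]

def is_valid_cpf(text):
    """True if text holds 11 digits with correct check digits."""
    s = "".join(c for c in text if c.isdigit())
    if len(s) != 11 or len(set(s)) == 1:             # 111.111.111-11 etc. are rejected
        return False
    return cpf_check_digits(s[:9]) == (int(s[9]), int(s[10]))

def synthetic_cpf(rng):
    """Random, structurally valid CPF in the usual NNN.NNN.NNN-NN layout."""
    while True:
        base = "".join(str(rng.randrange(10)) for _ in range(9))
        s = base + "%d%d" % cpf_check_digits(base)
        if is_valid_cpf(s):
            return f"{s[:3]}.{s[3:6]}.{s[6:9]}-{s[9:]}"

def corrupt(cpf):
    """Negative control: same shape, last check digit shifted by one."""
    return cpf[:-1] + str((int(cpf[-1]) + 1) % 10)

def build_test_document(n=5, seed=365):
    """Return text with n valid entries and n invalid look-alikes."""
    rng = random.Random(seed)                         # fixed seed: repeatable test file
    lines = ["SYNTHETIC TEST DATA - constructed values, not real persons", ""]
    for i in range(1, n + 1):
        good = synthetic_cpf(rng)
        lines.append(f"Positive {i} - CPF: {good}")          # should be reported
        lines.append(f"Negative {i} - CPF: {corrupt(good)}")  # should be ignored if
    return "\n".join(lines) + "\n"                    # the module checks digits

if __name__ == "__main__":
    with open("data_discovery_test.txt", "w", encoding="utf-8") as fh:
        fh.write(build_test_document())
```

If only the "Positive" lines show up in the report, the module is validating check digits, which would explain why hand-typed numbers are not detected.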
