Intrusion Prevention rules

November 9, 2022

ID 24749

A rule is a set of reactions by Intrusion Prevention in response to actions that an application performs on various categories of operating system resources and personal data.

Intrusion Prevention can react to actions of an application in the following ways:

Inherit. Intrusion Prevention reacts to the activity of the application by applying the rule that is configured for the status that Intrusion Prevention has assigned to the application.
This response is applied by default. By default, Intrusion Prevention inherits access rights from the status that Intrusion Prevention has assigned to the application.

If you edited a rule for an application, the rule for the application will have a higher priority than the rule for the status that was assigned to the application.
Allow. Intrusion Prevention allows the application to perform the action.
Deny. Intrusion Prevention prevents the application from performing the action.
Ask user. If the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection, Intrusion Prevention asks the user to decide. If the check box is selected, the action is chosen automatically. You can follow the footnote in the Kaspersky application window to read about exactly which action will be selected.
Log events. Intrusion Prevention logs information about the application activity and responses to it in a report. Information can be added to a report in addition to any other action taken by Intrusion Prevention.

Kaspersky Plus. A high level of your protection.

Advanced security, performance optimization, and privacy features including unlimited VPN and password manager.

Kaspersky Free. Our core antivirus protection, completely free.

Keeps your devices secure without slowing them down. Download the application and be safe.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.