This Help provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
Select the policy you want to configure.
In the <Policy name> window that opens, select the Application settings tab.
Select the Execution prevention section.
In the Prevention mode group of settings, select the Enable the prevention of untrusted objects execution check box.
In the Apply prevention rules in mode drop-down list, select the required mode for applying Execution prevention rules:
Statistics only.
In this mode, Kaspersky Endpoint Agent records to the Windows Event Log and to Kaspersky Security Center an event about attempts to execute objects or open documents that meet the criteria of the Execution prevention rules, but does not block execution or opening these objects.
Active.
In this mode, Kaspersky Endpoint Agent blocks execution of the objects or opening the documents that meet criteria of the Execution prevention rules.
When you enable Execution prevention in Kaspersky Security Center, the Statistics only mode is selected by default.
If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.