This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
You can enable the detection of legitimate applications that can be used by cybercriminals to harm your organization's local network. Kaspersky Endpoint Agent believes such applications pose threats and performs threat response actions on them accordingly.
Legitimate applications are allowed to be installed and used on devices and are designed to perform user tasks. However, some types of legitimate applications, when used by cybercriminals, may harm an organization's devices or local network. If cybercriminals gain access to such applications or deploy them on devices, they can use the functions of these applications to violate the security of the organization's devices or local network.
These applications include IRC clients, dialers, file download applications, computer system activity monitors, password utilities, and Internet servers for FTP, HTTP or Telnet services.
To enable the detection of legitimate applications:
Detection of legitimate applications that can be used by cybercriminals to harm your organization's local network has been enabled.