Enabling and disabling Self-Defense

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

The Self-Defense mechanism of Kaspersky Endpoint Agent provides protection from malware that tries to lock or delete the application. The Self-Defense mechanism prevents the alteration or deletion of application files on the hard drive, memory processes, and entries in the system registry.

To enable or disable Self-Defense:

Do one of the following:
- Open the application properties window for an individual device.
  1. In the main Kaspersky Security Center Web Console window select Devices → Managed devices.
  2. Select the device.
  3. In the <Device name> window that opens, select the Applications tab.
  4. Select Kaspersky Endpoint Agent.
  5. In the window that opens, select the Application settings tab.
- Open the policy properties window.
  1. In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
  2. Select the policy you want to configure.
  3. In the <Policy name> window that opens, select the Application settings tab.
In the Application settings section select the Security settings subsection.
In the Self-defense group of settings, enable or disable the Enable self-defense for application modules in memory setting.
If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
Click OK.
Click the Save button.

The Self-Defense mechanism is now enabled or disabled.