Application Control

During execution of the Application Control task, Kaspersky Endpoint Security controls the launching of applications on user devices. This helps reduce the risk of device infection by restricting access to applications. Application launching is regulated by Application Control rules.

To use the component, a license that includes the corresponding function is required.

This feature is not supported in the KESL container.

Application Control can operate in two modes:

Denylist. In this mode Kaspersky Endpoint Security allows all users to launch any applications that are not specified in the Application Control rules. This is the default operation mode of the Application Control component.
Allowlist. In this mode Kaspersky Endpoint Security prevents all users from launching any applications that are not specified in the Application Control rules.

For each Application Control mode, separate rules can be created and an action can be specified: apply rules or notify about an attempt to start an application that matches the rules. Kaspersky Endpoint Security performs this action when it detects an attempt to start an application.

The Application Control settings are described in the following table.

Application Control settings

Setting	Description
Application Control enabled / disabled	This toggle button enables or disables Application Control. The toggle button is switched off by default.
Action on starting applications blocked by rules	The action that Kaspersky Endpoint Security performs upon detecting an attempt to start an application that matches the configured rules: Notify (test mode). If you select this option, Kaspersky Endpoint Security tests the rules and generates an event about an attempt to start an application that matches the rules. Apply rules (default value). If you select this option, Kaspersky Endpoint Security applies Application Control rules and performs the action specified in the rules.
Application Control mode	Application Control task operation mode: Allowlist. If you select this option, Kaspersky Endpoint Security prevents all users from launching any applications except those specified in the Application Control rules. Denylist (default value). If you select this option, Kaspersky Endpoint Security allows all users to launch any applications except those specified in the Application Control rules.
Application Control rules	Clicking the Configure rules link opens the Application Control rules window.

Page top