If participation in Kaspersky Security Network is enabled, Kaspersky Endpoint Security sends KSN a query about the reputation of an application each time the application is started. Based on the received response, the application may be moved to a trust group that is different from the one specified in the Host Intrusion Prevention component settings.
Kaspersky Endpoint Security always places applications signed by Microsoft certificates or Kaspersky certificates into the Trusted group.
To configure the settings for placement of applications in trust groups:
Trusted vendors are those software vendors that are included in the trusted group by Kaspersky. You can also add vendor certificate to the trusted system certificate store manually.
For security reasons, the Trusted group is not included in the values of the If trust group cannot be defined, automatically move applications to setting.