Kaspersky Endpoint Security supports Antimalware Protected Process Light technology (hereinafter referred to as "AM-PPL") from Microsoft. AM-PPL protects Kaspersky Endpoint Security processes against malicious actions (for example, terminating the application). AM-PPL allows only trusted processes to run. Kaspersky Endpoint Security processes are signed in accordance with Windows security requirements, and therefore they are trusted. For more details about AM-PPL technology, please visit the Microsoft website. AM-PPL technology is enabled by default.
Kaspersky Endpoint Security also has built-in mechanisms for protecting application processes. AM-PPL support lets you delegate process security functions to the operating system. You can thereby increase the speed of the application and reduce the consumption of computer resources.
The AM-PPL service is available for Windows 10 version 1703 (RS2) or later, and Windows Server 2019 operating systems.
To enable or disable AM-PPL technology:
The Self-Defense mechanism prevents modification and deletion of application processes in the computer memory, including changing the AM-PPL status.
klpsm.exe enable– enable support for AM-PPL technology (see the figure below).
klpsm.exe disable– disable support for AM-PPL technology.
Enabling support for AM-PPL technology