By default, application activity is controlled by application privilege control rules that are defined for the trust group to which Kaspersky Endpoint Security assigned the application on first launch. If necessary, you can edit the application privilege control rules for an entire trust group, for an individual application, or a group of applications that are within a trust group.
Application privilege control rules that are defined for individual applications or groups of applications within a trust group have a higher priority than application control rules that are defined for a trust group. In other words, if the settings of the application control rules for an individual application or a group of applications within a trust group differ from the settings of application control rules for the trust group, the Host Intrusion Prevention component controls the activity of the application or the group of applications within the trust group according to the application control rules that are defined for the application or the group of applications.