The Host Intrusion Prevention component prevents applications from performing actions that may be dangerous for the operating system, and ensures control over access to operating system resources and personal data.
This component controls the activity of applications, including their access to protected resources (such as files and folders, registry keys) by using application control rules. Application privilege control rules are a set of restrictions that apply to various actions of applications in the operating system and to rights to access computer resources.
The network activity of applications is monitored by the Firewall component.
When an application is started for the first time, the Host Intrusion Prevention component checks the security of the application and places it into one of the trust groups. A trust group defines the rules that Kaspersky Endpoint Security applies when controlling application activity.
You are advised to participate in Kaspersky Security Network to help the Host Intrusion Prevention component work more effectively. Data that is obtained through Kaspersky Security Network allows you to sort applications into groups with more accuracy and to apply optimum application privilege control rules.
The next time the application starts, Host Intrusion Prevention verifies the integrity of the application. If the application is unchanged, the component applies the current application privilege control rules to it. If the application has been modified, Host Intrusion Prevention analyzes the application as if it were being started for the first time.Page top