Configuring process memory protection settings

To add a process to the list of protected processes:

Open the Exploit Prevention settings window.
In the Exploit prevention mode block, configure the following settings:
- Prevent vulnerable processes exploit.
  If this check box is selected, Kaspersky Industrial CyberSecurity for Nodes reduces the risks that vulnerabilities will be exploited in processes in the list of protected processes.
  
  If this check box is cleared, Kaspersky Industrial CyberSecurity for Nodes does not protect device processes from exploits.
  
  The check box is cleared by default.
  - Terminate on exploit.
    If this mode is selected, Kaspersky Industrial CyberSecurity for Nodes terminates a protected process upon detecting an exploit attempt if an active impact reduction technique has been applied to the process.
  - Notify only.
    If this mode is selected, Kaspersky Industrial CyberSecurity for Nodes reports exploits by displaying a terminal window. The compromised process continues to run.
    
    If Kaspersky Industrial CyberSecurity for Nodes detects an exploit in a critical process while the application is running in Terminate on exploit mode, the component switches to Notify only mode.
In the Preventing actions block, configure the following settings:
- Notify about abused processes via Terminal Service.
  If this check box is selected, Kaspersky Industrial CyberSecurity for Nodes displays a terminal window with an explanation of why protection was activated and an indication of the process in which an exploit attempt was detected.
  
  If the check box is cleared, Kaspersky Industrial CyberSecurity for Nodes displays a terminal window when an exploit attempt or termination of a compromised process is detected. A terminal window is displayed regardless of the status of the Kaspersky Security Exploit Prevention Service.
  
  The check box is cleared by default.
- Prevent vulnerable processes exploit even if Kaspersky Security Service is disabled.
  If this check box is selected, Kaspersky Industrial CyberSecurity for Nodes will reduce the risk of vulnerabilities being exploited in processes that have already been started, regardless of whether the Kaspersky Security Service is running. Kaspersky Industrial CyberSecurity for Nodes will not protect processes added after the Kaspersky Security Service is stopped. If the service is restarted, exploit impact reduction will be stopped for all processes.
  
  If this check box is cleared, Kaspersky Industrial CyberSecurity for Nodes does not protect processes from exploits when the Kaspersky Security Service is stopped.
  
  The check box is cleared by default.
Click OK in the Exploit Prevention settings window.

Kaspersky Industrial CyberSecurity for Nodes saves and applies the configured process memory protection settings.

Page top