After you create Application Control categories, you can use them for configuring Application Control in Kaspersky Endpoint Security for Windows policies.
To configure Application Control in Kaspersky Endpoint Security for Windows policy:
A page with a list of policies is displayed.
The policy settings window opens.
The Application Control window with Application Control settings is displayed.
If you want to apply Application Control rules, switch the toggle button to disable the Test Mode option.
Information about the module and the application that loaded the module will be saved to a report.
Kaspersky Endpoint Security for Windows monitors only the DLL modules and drivers loaded after the Control DLL and drivers option is selected. Restart the computer after selecting the Control DLL and drivers option if you want Kaspersky Endpoint Security for Windows to monitor all DLL modules and drivers, including those loaded before Kaspersky Endpoint Security for Windows is started.
By default, Denylist mode is selected.
The Denylists and allowlists window opens to let you add an application category. By default, the Denylist tab is selected if the Denylist mode is selected, and the Allowlist tab is selected if the Allowlist mode is selected.
The Application Control rule window opens.
The Application Category window opens.
You can edit the settings of a created category by clicking the Edit button.
You can create a new category by clicking the Add button.
You can delete a category from the list by clicking the Delete button.
The Application Category window closes.
Application Control is configured. After the policy is propagated to the client devices, the startup of executable files is managed.
For detailed information about Application Control, refer to Kaspersky Endpoint Security for Windows Online Help and to the Kaspersky Security for Virtualization Light Agent.