To configure distribution of applications by trust groups in Kaspersky Security Center:
Open Kaspersky Security Center Administration Console.
In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
In the workspace, select the Policies tab.
Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
In the policy properties window, select the Application Privilege Control section in the list on the left.
To automatically place digitally signed applications in the Trusted group, select the Trust applications with a digital signature check box.
Choose the way in which unknown applications are to be assigned to trust groups:
To use heuristic analysis for assigning unknown applications to trust groups, select Use heuristic analysis to assign group and specify the amount of time allocated for scanning the application that is launched in the Maximum time to assign group field.
If you want to assign all unknown applications to a specified trust group, select the option Automatically move to group and select the appropriate trust group in the drop-down list.
Click the Apply button.
To configure distribution of applications by trust groups in the local interface:
In the left part of the window, in the Endpoint control section, select Application Privilege Control.
In the right part of the window, the Application Privilege Control component's settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.