You can define settings according to which Kaspersky Endpoint Security for Windows prevents the execution of certain objects (executable files and scripts) or the opening of Microsoft Office documents on your users' devices.
Later, when analyzing Endpoint Detection and Response alerts, you may want to add a detected object to the list of execution prevention rules, to prevent it from being executed in the future on the same and other devices.
Execution prevention has the following limitations:
Prevention rules do not cover files on CDs, DVDs, or in ISO images. Kaspersky Endpoint Security for Windows does not block the execution or opening of these files.
It is impossible to block the startup of a system-critical object (SCO). SCOs are files that the operating system and Kaspersky Endpoint Security for Windows require to be able to run.
You can add up to 1000 execution prevention rules.