Support

Support for business applications

Kaspersky Endpoint Security 11 for Windows

Computer control

Application Control

Managing Application Control rules

Adding event-related executable files to the application category

Kaspersky Endpoint Security 11 for Windows
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools Product videos

Adding event-related executable files to the application category

April 25, 2024

ID 166737

Get as PDF

To add executable files related to Application Control events to the application category:

  1. Open the Kaspersky Security Center Administration Console.
  2. In the Administration Server node of the Administration Console tree, select the Events tab.
  3. Choose a selection of events related to operation of the Application Control component (Viewing events resulting from operation of the Application Control component, Viewing events resulting from test operation of the Application Control component) in the Event selections drop-down list.
  4. Click the Run selection button.
  5. Select the events whose associated executable files you want to add to the application category.
  6. Right-click to open the context menu for the selected events and select Add to category.
  7. In the window that opens, configure the settings of the application category:
    • In the upper part of the window, choose one of the following options:
      • Add to a new application category. Choose this option if you want to create a new application category and add executable files to it.
      • Add to an existing application category. Choose this option if you want to select an existing application category and add executable files to it.
    • In the Rule type block, select one of the following options:
      • Rules for adding to inclusions. Select this option if you want to create a condition that adds executable files to the application category.
      • Rules for adding to exclusions. Select this option if you want to create a condition that excludes executable files from the application category.
    • In the Parameter used as a condition block, select one of the following options:
      • Certificate details (or SHA-256 hashes for files without a certificate).
      • Certificate details (files without a certificate will be skipped).
      • Only SHA-256 (files without a hash will be skipped).
      • Only MD5 (discontinued mode, only for Kaspersky Endpoint Security 10 Service Pack 1 version).
  8. Save your changes.

Kaspersky Endpoint Security for Windows: Detection of advanced threats
Control systems which prevent damage from the sensitive data theft. Management from a single console. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.