To ensure that Application Control rules do not block applications required for work, it is recommended to enable testing of Application Control rules and analyze their operation after creating new rules. When testing is enabled, Kaspersky Endpoint Security will not block applications whose startup is forbidden by Application Control rules, but will instead send notifications about their startup to the Administration Server.
When testing the allowlist mode, it is recommended to perform the following actions:
In particular, based on the test results, you can add executable files related to events to an application category.