During the first startup of an application, the Host Intrusion Prevention component determines the trust group for the application. If you do not have Internet access or if Kaspersky Security Network has no information about this application, Kaspersky Endpoint Security will place the application into the Low Restricted group by default. When information about a previously unknown application is detected in KSN, Kaspersky Endpoint Security will update the rights of this application. You can then manually edit the application rights.
Open the Kaspersky Security Center Administration Console.
In the console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Advanced Threat Protection → Host Intrusion Prevention.
Intrusion Prevention settings
In the Application processing rules block, use the Trust group for applications that could not be added to existing groups drop-down list to select the necessary trust group.
If participation in Kaspersky Security Network is enabled, Kaspersky Endpoint Security sends KSN a request for the reputation of an application each time the application is started. Based on the received response, the application may be moved to a trust group that is different from the one specified in the Host Intrusion Prevention component settings.
Use the Update rights for previously unknown applications from KSN database check box to configure automatic update of the rights of unknown applications.
In the main window of the Web Console, select Devices → Policies & Profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Advanced Threat Protection → Host Intrusion Prevention.
Intrusion Prevention settings
In the Application processing rules block, use the Trust group for applications that could not be added to existing groups drop-down list to select the necessary trust group.
If participation in Kaspersky Security Network is enabled, Kaspersky Endpoint Security sends KSN a request for the reputation of an application each time the application is started. Based on the received response, the application may be moved to a trust group that is different from the one specified in the Host Intrusion Prevention component settings.
Use the Update rights for previously unknown applications from KSN database check box to configure automatic update of the rights of unknown applications.
In the application settings window, select Advanced Threat Protection → Host Intrusion Prevention.
In the Application processing rules block, select the appropriate trust group.
If participation in Kaspersky Security Network is enabled, Kaspersky Endpoint Security sends KSN a request for the reputation of an application each time the application is started. Based on the received response, the application may be moved to a trust group that is different from the one specified in the Host Intrusion Prevention component settings.
Use the Update rules for previously unknown applications from KSN check box to configure automatic update of the rights of unknown applications.
button.