Kaspersky Industrial CyberSecurity for Nodes

Adding a process to the protection scope

August 3, 2023

ID 179844

The Exploit Prevention component protects several processes by default. You can uncheck the processes that you don't want to protect in the list of protected processes.

To add a process to the list of protected processes:

  1. Open the Processes protection settings window.
  2. To add a process to protect it from abuse and to reduce the potential impact of an exploit, perform the following actions:
    1. Click the Browse button.

      The standard Microsoft Windows Open window opens.

    2. In the window that opens select a process you want to add to the list.
    3. Click the Open button.
    4. Click the Add button.

      The process will be added to the list of protected processes.

  3. Select a process in the list.
  4. The current configuration is displayed on the Processes protection settings tab:
    • Process name.
    • Is being executed.
    • Exploit prevention techniques applied.
    • Attack Surface Reduction settings.
  5. To modify the exploit prevention techniques that are applied to the process, select the Exploit prevention techniques tab.
  6. Select one of the options for applying impact reduction techniques:
    • Apply all available exploit prevention techniques.

      If this option is selected, the list cannot be edited. By default, all available techniques are applied to a process.

    • Apply listed exploit prevention techniques for the process.

      If this option is selected, you can edit the list of impact reduction techniques applied:

      1. Select the check boxes next to the techniques that you want to apply to protect the selected process.
  7. Configure settings for the Attack Surface Reduction technique:
    • In the Deny modules field, enter the names of the modules whose launch from the protected process will be blocked.
    • In the Do not deny modules if launched in the Internet Zone section, select the check boxes next to the options for which you want to allow modules to be launched:
      • Internet
      • Local intranet
      • Trusted URL
      • Restricted sites
      • Computer

      These settings only apply to Internet Explorer.

  8. Click the Save button.

The process is added to the task protection scope.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.