Exploit Prevention mode

You can select one of the following modes to configure actions taken to reduce risks that vulnerabilities will be exploited in protected processes:

• Block. If this mode is selected, Kaspersky Industrial CyberSecurity for Nodes terminates a protected process upon detecting an exploit attempt if an active impact reduction technique has been applied to the process.

  Upon detecting an attempt to exploit a vulnerability in a protected critical operating system process, Kaspersky Industrial CyberSecurity for Nodes does not terminate the process, regardless of the mode indicated in the Exploit Prevention component settings.

• Inform (when working in the Kaspersky Security Center Web Console – Inform). Apply this mode to receive information about instances of exploits in protected processes using events in the Security log. The abused process continues to run.

  If this mode is selected, Kaspersky Industrial CyberSecurity for Nodes creates events to log all attempts to exploit vulnerabilities. Selected by default.

Page top