Support

Support for business applications

Kaspersky Endpoint Detection and Response Optimum

Working with alert details

Preventing file execution from alert details
Kaspersky Endpoint Detection and Response Optimum
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ System requirements Download Forum Contact support Recovery tools Product videos

Preventing file execution from alert details

March 5, 2024

ID 220395

For Execution prevention rules to be applied on the device where an alert occurs, the active policy of an application that supports Kaspersky Endpoint Detection and Response Optimum functionality must be applied to the device. If the device on which an alert occurs is not managed by an active policy, an Execution prevention rule will not be created. For example, if Kaspersky Endpoint Security for Windows is the EPP application installed on the device, then a Kaspersky Endpoint Security for Windows policy must be applied to the device. If Kaspersky Endpoint Agent and an EPP application are installed on a device, the Kaspersky Endpoint Agent policy must be applied to the device.

To prevent file execution from the alert details:

  1. Open the alert details.
  2. In the File section, click the Prevent execution button.

File execution will be prevented. An Execution prevention rule will be added to the policy for the group the device belongs to.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.