Kaspersky Security Center

Adding event-related executable files to the application category

April 8, 2024

ID 158577

Expand all | Collapse all

You can add executable files related to the Application startup prohibited and Application startup prohibited in test mode events to an existing application category with content added manually or to a new application category.

To add executable files related to Application Control events to the application category:

  1. In the console tree, select the node with the name of the required Administration Server.
  2. In the workspace of the node, select the Events tab.
  3. On the Events tab, select the required events.
  4. In the context menu of one of the selected events, select Add to category.
  5. In the Action on executable file related to the event window that opens, specify the relevant settings:

    Select one of the following:

    • Add to a new application category
    • Add to an existing application category

    In the Rule type section, select one of the following settings:

    • Add to category
    • Rules for adding to exclusions

    In the File info type section, select one of the following settings:

    • Certificate details (or SHA-256 hashes for files without certificate)
    • Certificate details (files without a certificate will be skipped)
    • Only SHA-256 (files without hash will be skipped)
    • Only MD5 (discontinued mode, only for Kaspersky Endpoint Security 10 Service Pack 1 version)
  6. Click OK.

See also:

Scenario: Application Management

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.