Application Management

Used for Inventory, startup management, application update and monitoring of software vulnerabilities.

1. Application Categories
 Click on Application categories and then select New category.
 A New Category Wizard will open and select “Category with content added manually”

 On the New Category Wizard, enter the application category name, e.g. Blocked Apps, and
click Next.

 Click on Add to configure conditions for inclusion of applications in the category. And among
the conditions choose From file properties option then click Next.
 Click on Get data and select From file option. For example, ultrasurf VPN app is stored on
the PC for this demo. Then go to the ultrasurf file location and select it.
 Now all the information for the ultrasurf file is populated and click Ok
 Repeat the above steps to add the other details of the file which are Certificate details and
File hash. Note that one of the above settings is enough.
 Click on Next if there is no additional conditions we add here.
 Click Next and Finish if there is no other conditions for exclusion of applications from the
category.
 Then assign this Blocked Apps category to a policy. To assign, click on Policies and open
Kaspersky Endpoint Security for Windows (11.2.0) to edit Application Control under Security
Controls.

 The Application Control window opens

 On the Application Control window, click on Add. The Application Control rules opens.
 Choose Blocked Apps from the Category then edit users permission allow/deny.
 Click Ok after configuring permission.

 Once rule is applied, it will block the app.

 We can also create application category from the Policy folder and selecting the Properties
windows of Kaspersky Endpoint Security for Windows policy.
2. Applications Registry

 The applications registry contains detailed information about the applications installed on
managed devices running Microsoft Windows.
3. Executable files

 Shows detailed information about executable files which have been run on managed devices
and detected by the inventory task.

4. Software Vulnerabilities

 Shows details information about software vulnerabilities on managed devices.

 Run Vulnerability Fix Wizard to fix the reported vulnerabilities on the apps.
 Generates different reports.
 We can run a task to find vulnerabilities and required updates.
 Running the Vulnerability Fix Wizard will search for an existing fix tasks and click Next to add
vulnerability fix rule to existing task or create new vulnerability fix task.
5. Software Updates

 Provides information about installed applications on the managed devices.

 Approve to install.
 Select the application and click on Run Update Installation Wizard tab.

 The Update Installation Wizard will open to search for a task to install the update. Select the
checkbox and click on Next if an update Task was created before. Otherwise a new window
will open to prompt to create new Task.
 Click on Finish.
 To immediately update, click on Start then click on Finish. Otherwise the update Task will
run based on the schedule configured.
 To approve or decline an update, select the update and on the right side of workspace
either select Approved, Declined or Undefined (default one)