Advice Request Adding a trusted application

Please provide comments and solutions that are helpful to the author of this topic.
J

jamey910111

Level 4
Thread author
Jun 7, 2024
170
364
266
I know this is a kind of depends on user choice question, but i've added an application as a trusted application and have selected the following settings. Any tips on what to select or nbot? I am also not sure what the last two options BEFORE Do not scan all traffic mean. So I mean I am not sure exactly what allow interaction with kaspersky standard interface means or does in effect, or the purpose of do not block itneraciton with AMSI Protection component, and if those should be checked or not.

saE653bo_o.png
 
The "Allow interaction with Kaspersky standard interface" option means the app can interact with Kaspersky's user interface. If unchecked, the app may not function correctly with Kaspersky. The "Do not block interaction with AMSI Protection component" option allows the app to interact with the Anti-Malware Scan Interface (AMSI), a standard Microsoft interface that allows apps to request virus scans. If unchecked, the app may not be able to utilize AMSI's features. Both options can be checked for trusted apps. However, if you notice any suspicious behavior, uncheck them.
 
  • Like
Reactions: jamey910111
harlan4096 said:
It depends on the application to exclude and the issue You are having with Kaspersky.
Click to expand...
The application in question is wiresock - WireSock Secure Connect - Advanced VPN Client it's a wireguard vpn protocol
Kaspersky doesn't flag it in any negative way, but i feel that over time the two conflcit by increasing usa - when i add it as a trusted application like i did in that screenshot, that issue does not occur. So would you have any advice on which options to select or not?
 
Hum... if you are not getting any issue or incompatibility between Your security Kaspersky product and WSS, I would directly not create any exclusion in WSS Intrusion Prevention rules.

If you had connections issues, I would enable "Do not scan all traffic or Encrypted traffic".
 
  • Like
Reactions: Berny and Captain Awesome
Thanks @harlan4096 - it's weird cpu usage spikes i get when it's not added as trusted application. that's why. I assume that when you say "connections issues" you are saying maybe by enabling "do not scan all traffic or encrypted traffic" then that will resolve my cpu usage issues. But without opening a can of worms this could potentially leave me open to other vulnerabilities...?
 
  • Like
Reactions: Khushal and harlan4096

You may also like...