Features and Benefits

Agent Installation from Windows or the Command Prompt

Install Endpoint Application Control agents using Windows or the command prompt.

See Agent Deployment.

Agent Self-Protection

Prevents Endpoint Application Control agents from being stopped or uninstalled by either an end-user or an external third-party application or process.

Agent Windows Interface and Notification Controls

Hide the agent Windows system tray icon and Windows notifications using policies.

AIR Score

Part of the Smart Protection Network™

Enables administrators to allow or block applications based on a comprehensive security score from Trend Micro.

See Integration with Trend Micro Products and Services.

Application Usage

Part of the Smart Protection Network™

Specify applications based on global or regional usage patterns.

Allow or block applications using a score generated by the Smart Protection Network team using a "prevalence index".

See Integration with Trend Micro Products and Services.

Certified Safe Software Service

Part of the Smart Protection Network™

Provides a comprehensive list of applications considered to be safe by Trend Micro, called Certified Safe Software by Endpoint Application Control.

The list includes most popular operating system files and binaries as well as applications for desktops, servers, and mobile devices.

See Integration with Trend Micro Products and Services.

Control Applications and DLLs

Allow or block applications and DLLs for users and endpoints. Customize application control for server, end-user, healthcare, point-of-sale, kiosk, hospitality, and financial systems.

Match Certified Safe Software, AIR Scores, application usage, endpoint inventories, file paths, certificates, and SHA-1 hash values.

Dynamic Application Lists

Match Trend Micro Certified Safe Software and endpoint inventory applications dynamically.

Key Performance Indicators Dashboard Widget

Customize a score card on the Endpoint Application Control and Control Manager product dashboards regarding the performance of your application control environment.

Manually Update Policy from the Agent

Manually trigger policy updates for agents from the endpoint.

Process Blocking

Also known as kernel-level or driver-level blocking

Block applications from executing by evaluating if files are allowed prior to execution.

See About Blocking Methods.

System Lockdown

Use lockdown rules to prevent installation of unauthorized applications.

See About Rule Types.

Trusted Sources for Applications

Trust newly installed software automatically for all users on an endpoint.

See About Trusted Sources.

User-Based and Endpoint-Based Policy Management

Use rules that match users or endpoints to control applications.

Connected Threat Defense

Using the Control Manager console, you can create customized actions for objects detected by the Suspicious Object lists to provide custom defense against threats identified by endpoints protected by Trend Micro products specific to your environment.