Executable Controls allow you to set up the following rules:
Trusted Owners - during the rule matching process, Trusted Ownership checking is performed on files and folders to ensure that ownership of the items matches with the list of trusted owners specified in the configuration.
Allowed - allow access to specific items.
Denied - restrict access to specific items. You do not need to use this list to deny applications that are not owned by an administrator because they are blocked by trusted ownership checking.
Security Levels - set security levels to specify how to manage requests to run unauthorized applications by the users, groups, or devices that a rule matches. The security levels are; unrestricted, audit only, self authorization, and restricted.
Application Limits - restricts the number of times an application can be run by a user during a session. Application Termination allows you to control triggers and behavior for terminating applications on managed endpoints. You can terminate applications gracefully, allowing the user to save work before closing, or force a termination.
Access Times - set specific time slots for allowed access. If an application has exceeded the allowed access times you can specify what action to take; for example, you can also specify whether the user is allowed to save their work before closing the application, or to just close the application upon warning.