Built-in Groups

Endpoint Privilege Management for Windows includes a number of built-in groups that may be used in any Application Rule or content rule. They provide a simple and convenient way for the application of broad rules to applications and content, in particular when defining catch-all rules. Built-in groups also help to simplify your configurations by reducing the amount of groups.

Group Criteria Valid Types
Any Application Matches any application that executed. Will also match any child applications.
  • Executables
  • Control Panel Applets
  • Installer Packages
  • Endpoint Privilege Management Policy Editors
  • Windows Scripts
  • PowerShell Scripts
  • Batch Scripts
  • Registry Scripts
Any Signed Application Matches any application that executed which has been signed by a publisher. Will also match any child applications of signed applications.
  • Executables
  • Control Panel Applets
  • Installer Packages
  • Endpoint Privilege Management Policy Editors
  • Windows Scripts
  • PowerShell Scripts
Any Signed UAC Prompt Matches any application that triggers a Windows UAC Prompt, which has been signed by a publisher. Will also match any child applications.
  • Executables
  • Installer Packages
  • COM Classes
Any UAC Prompt Matches any application that triggers a Windows UAC prompt. Will also match any child applications.
  • Executables
  • Installer Packages
  • COM Classes