Application Control Plus

Stops unauthorised and unknown applications running on managed endpoints.

"For IT teams needing centralised execution control to prevent unauthorised apps across managed endpoints."

Control application execution on endpoints

Organisations often struggle to control which binaries run on endpoints. User-installed tools and unknown executables increase operational risk across desktops and laptops.

Where Application Control Plus is used

Deployed where teams must limit executable software on managed desktops and laptops. It is commonly used to enforce corporate software policies and prevent unauthorised tools from running.

Also applied where organisations need an inventory of installed applications while centrally managing execution rules for managed endpoints.

Fits within these solutions

Application Control
Ransomware Protection

Delivery & deployment

On-Premises Software

Suitable environments

Fits Windows-dominant desktop environments and organisations with centralised IT teams. Common in regulated sectors and distributed or remote workforces, and suitable for small and mid-sized organisations with limited security staff.

Benefits

Prevent unauthorised execution

Stops unauthorised and unknown applications from running on managed endpoints.

Improved visibility

Gives a central view of installed applications across the estate.

Consistent enforcement

Ensures execution policies apply uniformly across managed endpoints.

Reduced attack surface

Limits vectors by preventing unwanted or unknown software from running.

Simplified endpoint control

Central policy management reduces per-device configuration overhead for IT teams.

Support internal controls

Helps enforce internal software control requirements in regulated environments.

Capabilities

Enforce execution policies

Apply allow or deny execution policies to control which applications can run on endpoints.

Allow / deny rules

Create and manage allowlist and blocklist rules for executable files and applications.

Application inventory

Maintain a central inventory of installed applications across managed devices.

Block unauthorised executables

Prevent unauthorised or unapproved executables from running on managed endpoints.

Restrict unknown executables

Restrict execution of unknown or unmanaged binaries to reduce exposure to rogue software.

Centralised endpoint control

Deploy and manage execution policies centrally for consistent control across devices.

Applications

Control Windows desktops

Enforce execution policies on Windows-dominant desktop estates to limit user-installed software.

Secure remote endpoints

Protect distributed and remote devices by applying central execution policies to managed machines.

Restrict shadow IT

Stop unapproved or user-installed tools from running and reduce unmanaged software use.

Centralise software policy

Provide central IT teams with a single point to manage application execution rules across devices.

Fits small/mid organisations

Suitable for organisations with limited security staff that need straightforward endpoint control.

Part of (depending on licence)

Endpoint Central

Centralise endpoint maintenance, updates and security from one console.

View Product

Resources

Datasheet

Manage Engine - Application Control Plus - Datasheet

Read Document

Screenshots

Privilege ManagementJust In Time AccessApplication Control

How would you like to proceed?

Start a conversation

Book a demo

Professional services

Request pricing

Renew or upgrade licences