Enterprise networks can contain valuable information that forms an increasingly attractive target for malicious actors. There remains a need for improved techniques to locally manage the security of processes executing on an endpoint, particularly where the endpoint regularly interacts with external content and services, or seeks to download and execute content from remote sources.