diff --git a/network/connection.go b/network/connection.go
index 99078c87..f8b130e9 100644
--- a/network/connection.go
+++ b/network/connection.go
@@ -228,6 +228,12 @@ func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []stri
 Started: timestamp,
 Ended: timestamp,
 }
+
+ // Inherit internal status of profile.
+ if localProfile := proc.Profile().LocalProfile(); localProfile != nil {
+ dnsConn.Internal = localProfile.Internal
+ }
+
 return dnsConn
 }
@@ -238,7 +244,7 @@ func NewConnectionFromExternalDNSRequest(ctx context.Context, fqdn string, cname
 }
 timestamp := time.Now().Unix()
- return &Connection{
+ dnsConn := &Connection{
 Scope: fqdn,
 Entity: &intel.Entity{
 Domain: fqdn,
@@ -248,7 +254,14 @@ func NewConnectionFromExternalDNSRequest(ctx context.Context, fqdn string, cname
 ProcessContext: getProcessContext(ctx, remoteHost),
 Started: timestamp,
 Ended: timestamp,
- }, nil
+ }
+
+ // Inherit internal status of profile.
+ if localProfile := remoteHost.Profile().LocalProfile(); localProfile != nil {
+ dnsConn.Internal = localProfile.Internal
+ }
+
+ return dnsConn, nil
 }
 // NewConnectionFromFirstPacket returns a new connection based on the given packet.
@@ -335,7 +348,8 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 }
 }
- return &Connection{
+ // Create new connection object.
+ newConn := &Connection{
 ID: pkt.GetConnectionID(),
 Scope: scope,
 IPVersion: pkt.Info().Version,
@@ -352,6 +366,13 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 Started: time.Now().Unix(),
 ProfileRevisionCounter: proc.Profile().RevisionCnt(),
 }
+
+ // Inherit internal status of profile.
+ if localProfile := proc.Profile().LocalProfile(); localProfile != nil {
+ newConn.Internal = localProfile.Internal
+ }
+
+ return newConn
 }
 // GetConnection fetches a Connection from the database.
diff --git a/process/module.go b/process/module.go
index bfed029e..5b0d2a09 100644
--- a/process/module.go
+++ b/process/module.go
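Review bot: The "inherit internal status" block added at the end of NewConnectionFromDNSRequest is repeated verbatim in the hunks for NewConnectionFromExternalDNSRequest and NewConnectionFromFirstPacket, so the three constructors can drift apart if the rule for `Internal` ever changes. A small unexported helper, used as `dnsConn.Internal = profileIsInternal(proc)`, would keep the derivation of this flag in one place. The chain `proc.Profile().LocalProfile()` also depends on `Profile()` never returning nil or on `LocalProfile()` having a nil-safe receiver, neither of which is visible here; a short comment saying which one holds would help, especially for `remoteHost` in the external DNS path. All three function bodies start outside their hunks.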
@@ -1,17 +1,30 @@
 package process
 import (
+ "os"
+
 "github.com/safing/portbase/modules"
+ "github.com/safing/portmaster/updates"
 )
 var (
- module *modules.Module
+ module *modules.Module
+ updatesPath string
 )
 func init() {
- module = modules.Register("processes", prep, nil, nil, "profiles")
+ module = modules.Register("processes", prep, start, nil, "profiles")
 }
 func prep() error {
 return registerConfiguration()
 }
+
+func start() error {
+ updatesPath = updates.RootPath() + string(os.PathSeparator)
+ if updatesPath != "" {
+ updatesPath += string(os.PathSeparator)
+ }
+
+ return nil
+}
diff --git a/process/profile.go b/process/profile.go
index 3294a281..9c0e3a4a 100644
--- a/process/profile.go
+++ b/process/profile.go
@@ -3,6 +3,7 @@ package process
 import (
 "context"
 "os"
+ "strings"
 "github.com/safing/portbase/log"
 "github.com/safing/portmaster/profile"
@@ -38,6 +39,16 @@ func (p *Process) GetProfile(ctx context.Context) (changed bool, err error) {
 profileID = profile.SystemProfileID
 case ownPID:
 profileID = profile.PortmasterProfileID
+ default:
+ // Check if this is another Portmaster component.
+ if updatesPath != "" && strings.HasPrefix(p.Path, updatesPath) {
+ switch {
+ case strings.Contains(p.Path, "portmaster-app"):
+ profileID = profile.PortmasterAppProfileID
+ case strings.Contains(p.Path, "portmaster-notifier"):
+ profileID = profile.PortmasterNotifierProfileID
+ }
+ }
 }
 // Get the (linked) local profile.
diff --git a/profile/get.go b/profile/get.go
index 7e1e88be..8a99cd8c 100644
--- a/profile/get.go
+++ b/profile/get.go
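Review bot: The added start() in process/module.go appends the path separator twice: `updates.RootPath() + string(os.PathSeparator)` already ends in a separator, and because that makes `updatesPath` non-empty in every case, the `if updatesPath != ""` branch always runs and appends a second one. The resulting prefix ends in a doubled separator, which a normally formed `p.Path` will not contain, so the `strings.HasPrefix(p.Path, updatesPath)` test in GetProfile would presumably never match. An empty root also no longer disables the check, which is what the `updatesPath != ""` guards at the call sites appear to expect. Assign the bare root first, `updatesPath = updates.RootPath()`, and keep the conditional append as it is. The start() hunk in profile/module.go adds the same two lines and needs the same change.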
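Review bot: The added `default:` branch in GetProfile selects the profile with `strings.Contains(p.Path, "portmaster-app")`, which matches the string anywhere in the path below `updatesPath`, directory names included, so the assignment is wider than "this binary is the app". Because the profiles it selects are created with `Internal = true` in profile/special.go, this match is a trust decision and should be as narrow as the layout allows, for example by testing the file name only: `strings.HasPrefix(filepath.Base(p.Path), "portmaster-app")` (needs `path/filepath`). The comment should also state that the check relies on the updates directory being writable only by privileged users and on `p.Path` being an absolute, cleaned path; neither is visible in this hunk, and the prefix comparison is exact-case even on case-insensitive file systems. GetProfile's body continues outside the hunk.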
@@ -2,30 +2,16 @@ package profile
 import (
 "errors"
- "os"
 "strings"
 "github.com/safing/portbase/database"
- "github.com/safing/portbase/dataroot"
-
 "github.com/safing/portbase/database/query"
 "github.com/safing/portbase/database/record"
 "github.com/safing/portbase/log"
 "golang.org/x/sync/singleflight"
 )
-const (
- // UnidentifiedProfileID is the profile ID used for unidentified processes.
- UnidentifiedProfileID = "_unidentified"
-
- // SystemProfileID is the profile ID used for the system/kernel.
- SystemProfileID = "_system"
-
- // SystemProfileID is the profile ID used for the Portmaster itself.
- PortmasterProfileID = "_portmaster"
-)
-
 var getProfileSingleInflight singleflight.Group
 // GetProfile fetches a profile. This function ensures that the loaded profile
@@ -69,15 +55,8 @@ func GetProfile(source profileSource, id, linkedPath string) ( //nolint:gocognit
 // If we cannot find a profile, check if the request is for a special
 // profile we can create.
 if errors.Is(err, database.ErrNotFound) {
- switch id {
- case UnidentifiedProfileID:
- profile = New(SourceLocal, UnidentifiedProfileID, linkedPath)
- err = nil
- case SystemProfileID:
- profile = New(SourceLocal, SystemProfileID, linkedPath)
- err = nil
- case PortmasterProfileID:
- profile = New(SourceLocal, PortmasterProfileID, linkedPath)
+ profile = getSpecialProfile(id, linkedPath)
+ if profile != nil {
 err = nil
 }
 }
@@ -177,7 +156,7 @@ func findProfile(linkedPath string) (profile *Profile, err error) {
 // Check if the profile should be marked as internal.
 // This is the case whenever the binary resides within the data root dir.
- if strings.HasPrefix(linkedPath, dataroot.Root().Dir+string(os.PathSeparator)) {
+ if updatesPath != "" && strings.HasPrefix(linkedPath, updatesPath) {
 profile.Internal = true
 }
diff --git a/profile/module.go b/profile/module.go
index c42db691..71f18306 100644
--- a/profile/module.go
+++ b/profile/module.go
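Review bot: In GetProfile, getSpecialProfile is only reached inside the `errors.Is(err, database.ErrNotFound)` branch, so a `_portmaster` profile already stored by an earlier version would, as far as this hunk shows, keep its old name and never receive `Internal = true`. If existing installations are meant to pick up the new defaults, that needs an explicit upgrade step. If not, a comment such as `// Special profiles are only created here; stored ones are returned unchanged.` would record that the behaviour is intended. GetProfile starts and ends outside the hunk.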
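Review bot: In the findProfile hunk, the unchanged comment above the new condition still says a profile is internal "whenever the binary resides within the data root dir", but the check now compares `linkedPath` against `updatesPath`, which start() in profile/module.go derives from `updates.RootPath()`. Since this condition decides which profiles are trusted as internal, the comment should name the directory actually checked, e.g. `// This is the case whenever the binary resides within the updates dir.` findProfile's body starts and ends outside the hunk.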
@@ -1,17 +1,21 @@
 package profile
 import (
+ "os"
+
 "github.com/safing/portbase/log"
 "github.com/safing/portbase/modules"
 // module dependencies
 _ "github.com/safing/portmaster/core/base"
+ "github.com/safing/portmaster/updates"
 _ "github.com/safing/portmaster/updates" // dependency of semi-dependency filterlists
 )
 var (
- module *modules.Module
+ module *modules.Module
+ updatesPath string
 )
 func init() {
@@ -33,6 +37,11 @@ func prep() error {
 }
 func start() error {
+ updatesPath = updates.RootPath() + string(os.PathSeparator)
+ if updatesPath != "" {
+ updatesPath += string(os.PathSeparator)
+ }
+
 err := registerValidationDBHook()
 if err != nil {
 return err
diff --git a/profile/profile.go b/profile/profile.go
index 46668249..3eb428aa 100644
--- a/profile/profile.go
+++ b/profile/profile.go
@@ -394,7 +394,7 @@ func (profile *Profile) UpdateMetadata(processName, binaryPath string) (changed
 }
 // Update LinkedPath if if differs from the process path.
- // This will (at the moment) only be the case for the Portmaster profile.
+ // This will be the case for profiles that are assigned in a special way.
 if profile.LinkedPath != binaryPath {
 profile.LinkedPath = binaryPath
 changed = true
diff --git a/profile/special.go b/profile/special.go
new file mode 100644
index 00000000..da7027de
--- /dev/null
+++ b/profile/special.go
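Review bot: The import block of profile/module.go now lists `github.com/safing/portmaster/updates` twice, once by name and once as `_ "github.com/safing/portmaster/updates"`; the blank import is redundant once the package is imported by name. Keep a single line and move the explanation onto it, e.g. `"github.com/safing/portmaster/updates" // also a dependency of semi-dependency filterlists`. The package-level `updatesPath` is also declared and initialised separately here and in process/module.go, so the two copies of this trust boundary have to be kept in step by hand.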
@@ -0,0 +1,61 @@
+package profile
+
+const (
+ // UnidentifiedProfileID is the profile ID used for unidentified processes.
+ UnidentifiedProfileID = "_unidentified"
+
+ // SystemProfileID is the profile ID used for the system/kernel.
+ SystemProfileID = "_system"
+
+ // PortmasterProfileID is the profile ID used for the Portmaster Core itself.
+ PortmasterProfileID = "_portmaster"
+
+ // PortmasterAppProfileID is the profile ID used for the Portmaster App.
+ PortmasterAppProfileID = "_portmaster-app"
+
+ // PortmasterNotifierProfileID is the profile ID used for the Portmaster Notifier.
+ PortmasterNotifierProfileID = "_portmaster-notifier"
+)
+
+func getSpecialProfile(profileID, linkedPath string) *Profile {
+ switch profileID {
+ case UnidentifiedProfileID:
+ return New(SourceLocal, UnidentifiedProfileID, linkedPath)
+
+ case SystemProfileID:
+ return New(SourceLocal, SystemProfileID, linkedPath)
+
+ case PortmasterProfileID:
+ profile := New(SourceLocal, PortmasterProfileID, linkedPath)
+ profile.Name = "Portmaster Core Service"
+ profile.Internal = true
+ return profile
+
+ case PortmasterAppProfileID:
+ profile := New(SourceLocal, PortmasterAppProfileID, linkedPath)
+ profile.Name = "Portmaster User Interface"
+ profile.Internal = true
+ profile.Config = map[string]interface{}{
+ CfgOptionDefaultActionKey: "block",
+ CfgOptionEndpointsKey: []string{
+ "+ Localhost",
+ },
+ }
+ return profile
+
+ case PortmasterNotifierProfileID:
+ profile := New(SourceLocal, PortmasterNotifierProfileID, linkedPath)
+ profile.Name = "Portmaster Notifier"
+ profile.Internal = true
+ profile.Config = map[string]interface{}{
+ CfgOptionDefaultActionKey: "block",
+ CfgOptionEndpointsKey: []string{
+ "+ Localhost",
+ },
+ }
+ return profile
+
+ default:
+ return nil
+ }
+}
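Review bot: getSpecialProfile is added without a doc comment, although its contract (a freshly built profile for a known special ID, `nil` for anything else) is what the caller in profile/get.go depends on to decide whether to clear `err`. Add `// getSpecialProfile returns a new local profile for the given special profile ID, or nil if the ID is not special.` The `PortmasterAppProfileID` and `PortmasterNotifierProfileID` cases build the same `Config` map (default action `block`, endpoints `+ Localhost`); a single helper returning that map would keep the restrictions on the two UI components identical. The `PortmasterProfileID` case sets `Internal = true` but no `Config`, which is presumably intended for the core service and worth stating in a comment.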