Protection Policy: Behavioral Scanning (Windows Only)
Behavioral Scanning is a proactive detection technology which uses heuristic methods to detect new potential threats in real time by observing process actions and giving them a score.
Where the overall score for a process reaches a given threshold, Managed Antivirus considers the process to be harmful and takes the Default remediation action for behavioral threats.
Behavioral Scanning is not compatible with Mac devices.
Exclusions: Behavioral Scanning only supports Process Exclusions.
- You can create Exclusions regardless of whether the processes are present.
- Any Behavioral Scanning exclusions are only evaluated when an individual process runs
- The computer requires a reboot for any Behavioral Scanning exclusion changes to take effect
From Bitdefender version 5, Behavioral Scanning includes Bitdefender's Intrusion Detection System. This monitors the system for suspicious activities. including unauthorized attempts to alter Bitdefender files, DLL injections, keylogging attempts, etc.
The Windows Managed Antivirus end-user interface refers to Behavioral Scanning as Advanced Threat Control
Settings
To enable Behavioral Scanning:
- Click Enabled in the Settings area
- Select the Default remediation action for behavioral threats - Block or Disinfect
- Disinfect - Managed Antivirus quarantines the existing application and then attempts to back out any changes the application has made to the system.
- Block - the application is not allowed to run
- Choose the Behavioral Scanning Sensitivity level from Aggressive, Normal or Permissive
- Aggressive - low threshold
- Normal - mid threshold
- Passive - high threshold
Aggressive sensitivity may result in false positives
What do you want to do?
- Review the Managed Antivirus Quick Start Guide
- View Managed Antivirus URLs
- Enable Managed Antivirus on individual servers and workstations or on all servers and workstations at a client or site