Configuring Behavior Detection in the Web Console

You can configure application Behavior Detection in the Web Console, under the policy: Application settings Advanced Threat ProtectionBehavior Detection.

Behavior Detection component settings

Setting

Description

Behavior Detection enabled / disabled

This toggle button enables or disables the Behavior Detection component.

The toggle button is switched off by default.

Action on malware activity detection

The action to be performed by Kaspersky Industrial CyberSecurity for Linux Nodes upon detecting malicious activity in the operating system:

  • Inform user (default value). Kaspersky Industrial CyberSecurity for Linux Nodes does not terminate the process performing malicious activity. It only records a malicious activity detection event in the event log.
  • Block the application performing malicious activity. Kaspersky Industrial CyberSecurity for Linux Nodes terminates the process that is performing malicious activity and records information about the detected malicious activity in the event log.

Exclusions by process

Clicking the Configure exclusions by process link opens the Exclusions by process window. In this window, you can exclude the activity of processes.

Page top