Behavior Detection task (Behavior_Detection, ID:20)
January 23, 2024
ID 234873
The Behavior Detection task monitors malicious activity by applications in the operating system. When malicious activity is detected, Kaspersky Endpoint Security can terminate the process of the application that performs malicious activity.
If integration between Kaspersky Endpoint Security and Kaspersky Managed Detection and Response is enabled, exclusions by process are not applied.
By default, the Behavior Detection task starts automatically when the application starts. You can stop the task at any moment if necessary.
Behavior Detection task setting
Setting | Description | Values |
---|---|---|
| Action performed by the application when malicious activity is detected in the operating system. |
|
| Excluding processes from scans. |
|
The [TrustedPrograms.item_#] section contains processes that are excluded from scans. Kaspersky Endpoint Security does not monitor the activity of the specified processes. | ||
| Path to excluded process. |
|
| Exclude child processes of the excluded process specified by the |
|
| Description of the excluded process. |
|
| Exclude a process from scans. |
|