Malware Behavior Blocking provides a necessary layer of
additional threat protection from programs that exhibit malicious behavior. It
observes system events over a period of time. As programs execute different
combinations or sequences of actions, Malware Behavior Blocking detects known
malicious behavior and blocks the associated programs. Use this feature to ensure
a
higher level of protection against new, unknown, and emerging threats.
Malware Behavior Monitoring provides the following
threat-level scanning options:
-
Known threats: Blocks behaviors associated with known malware threats
-
Known and potential threats: Blocks behavior associated with known threats and takes action on behavior that is potentially malicious
After blocking a program with notifications enabled, the Security Agent
displays a notification on the endpoint.