Behavioral Scan

The Behavioral Scan section detects and prevents suspicious or abnormal behavior that could indicate potential malware activity.

Setting Action
Action 

Choose any of the following actions of detection:

  • Block the application only
  • Disinfect: block and disinfect the application
  • Audit Only: File/Application will not be blocked
Score Threshold

Choose any of the following actions if the threshold score exceeds:

  • High (aggressive mode – prone to more false positives)
  • Medium
  • Low (less aggressive mode – less false positives)
Fileless Attack Protection Select the Antimalware Scan Interface Security Provider checkbox to automatically allow Qualys to discover and block fileless attacks at the pre-execution stage. 
Ransomware Mitigation

Toggle on this setting to enable Qualys to detect and prevent ransomware attacks and quickly restore encrypted files.

Select ransomware mitigation for both local processes and network share paths accessed remotely to protect endpoints and shared network resources from ransomware attacks.
Also See: Ransomware Mitigation: Recovering Encrypted Files.

 

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: October, 2025