Updated on 2024-11-15 GMT+08:00

Enabling Sensitive Malware Scan

Scenario

By default, HSS checks for malware based on the protected file type and scanned file path set in the antivirus and web shell detection policies. The detection scope is limited. For details about how to view antivirus and web shell detection policies, see Configuring Policies.

In sensitive mode, HSS can detect all file types on the server. Alarms will be reported for all suspicious web shells and malware files, helping you comprehensively identify risks in the system.

If the sensitive malware scan mode is enabled, false positives may be reported. You can add false positives to the alarm whitelist when handling alarm events.

Enabling Sensitive Malware Scan

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. In the navigation pane, choose Installation & Configuration > Server Install & Config.
  4. Click the Security Configuration tab. Click Isolation and Killing of Malicious Programs.
  5. In the Sensitive Malware Scan area, click to enable it.