Virus detection modules (120) execute virus detection techniques on clients (110) to check for the presence of computer viruses in data and also communicate with a software server (116). A constraints module (320) specifies constraints on the application of certain virus detection techniques. An administrator uses the software server (116) to release (514) a virus detection technique and an associated constraint to the clients (110). The clients (110) execute the technique subject to the constraint, and report the results to the software server (116). The administrator uses the constraint and reported results to determine (518) whether the technique is causing false positive virus detections. If necessary, the administrator modifies (520) the technique to reduce the false positives and/or modifies (524) the constraint to cause the technique to execute more frequently. The constraints allow the administrator to detect false positives without inconveniencing most clients (110).