Status
Not open for further replies.

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,345
#1


2016 WINNER

For immediate release:

2016 'ASTORS' Homeland Security Award Winners Announced - American Security Today

American Security Today’s comprehensive Homeland Security Awards Program was organized to recognize the most distinguished vendors of physical, IT, port security, law enforcement, and first responders, in acknowledgment of their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

Blue Ridge Networks AppGuard

  • Platinum Award, Best Cyber Anti-Malware Solution
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,345
#2
  • U.S. Department of Justice
  • Executive Office of United States Attorneys
  • Department of Commerce
  • Department of Defense
  • Department of Homeland Security
  • Department of the Interior
  • Department of State
  • Department of Transportation
  • Army
  • Navy
All protected by Blue Ridge Networks products - past and present.
 
Last edited:

Ana_Filiz

Level 4
Verified
Joined
Aug 23, 2016
Messages
189
#3
  • U.S. Department of Justice
  • Executive Office of United States Attorneys
  • Department of Commerce
  • Department of Defense
  • Department of Homeland Security
  • Department of the Interior
  • Department of State
  • Department of Transportation
  • Army
  • Navy
  • Anonymous
All protected by Blue Ridge Networks products.

What does that tell you ?
To avoid it without any doubt! :D
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,345
#4
To avoid it without any doubt! :D
@Ana_Filiz

Yes, there have been a few people that have expressed fears of collusion and backdoors.

All of those fears are unwarranted.

People will say such things from time-to-time, but such statements are so manifestly ludicrous that they are just ignored.
 
Last edited:

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,345
#14
There are only 2 modes for me INSTALL and LOCKED DOWN...
Lowering protection level from Locked Down to Protected and then updating program updaters that are digitally signed all the way through the run sequence is more secure. It is recommended to use Allow Installs only when required. It would be required for:
  • digitally unsigned installers\updaters
  • digitally signed installers\updaters where not all files created in the run sequence are signed (*.tmp files)
  • installers\updaters whose digital signatures cannot be added to the Trusted Publisher list (characters in the signature that cannot be found in the localization)
By using the Trusted Publisher list and only having to switch back-and-forth between Locked Down and Protected modes is a very secure strategy.

However, AppGuard is designed to offer the user multiple options to suit their wishes and needs. You can pick-and-choose amongst the various capabilities and select the one(s) that you think is\are most secure.
 

Andy Ful

Level 33
Content Creator
Verified
Joined
Dec 23, 2014
Messages
2,262
Operating System
Windows 10
Antivirus
Windows Defender
#16
@Jeff_T - Testing Group

I am impressed by functionality of Appguard. Many Malwaretips and Wilderssecurity members like it very much.
It is well suited for administrators and advanced users who want to restrict or lock down the system.
If I understand correctly, AppGuard is a Black & White type software, when it controls what can be executed. The user-space is generally blacklisted, and does not allow file execution (with exceptions). The system-space is generally whitelisted and allows file execution (with exceptions).
I was thinking a lot about how to make Black & White type software more attractive to home users. It seems to me that such programs can benefit a lot by adopting Windows SmartScreen technology, and then becoming Black & Grey & White type software. This way of development can be seen in Comodo IS (grey = unrecognized), but Comodo developed its own SmartScreen like file reputation solution (or Microsoft copied it from Comodo).
In the AppGuard case, grey files could be executed (as an option), but always with the SmartScreen check on the run. As an analogy, the SmartScreen in Appguard case, could take a role of Sandbox in the Comodo IS case.
I think that such extended functionality would be welcome by many home users.
Yet, there is a problem to solve - how to force SmartScreen to check files without 'Mark of the Web', but I'm certain that AppGuard team can easily manage to do it.
What do you think of that?
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,345
#19
@Jeff_T - Testing Group

I am impressed by functionality of Appguard. Many Malwaretips and Wilderssecurity members like it very much.
It is well suited for administrators and advanced users who want to restrict or lock down the system.
If I understand correctly, AppGuard is a Black & White type software, when it controls what can be executed. The user-space is generally blacklisted, and does not allow file execution (with exceptions). The system-space is generally whitelisted and allows file execution (with exceptions).
I was thinking a lot about how to make Black & White type software more attractive to home users. It seems to me that such programs can benefit a lot by adopting Windows SmartScreen technology, and then becoming Black & Grey & White type software. This way of development can be seen in Comodo IS (grey = unrecognized), but Comodo developed its own SmartScreen like file reputation solution (or Microsoft copied it from Comodo).
In the AppGuard case, grey files could be executed (as an option), but always with the SmartScreen check on the run. As an analogy, the SmartScreen in Appguard case, could take a role of Sandbox in the Comodo IS case.
I think that such extended functionality would be welcome by many home users.
Yet, there is a problem to solve - how to force SmartScreen to check files without 'Mark of the Web', but I'm certain that AppGuard team can easily manage to do it.
What do you think of that?
  1. Thank you for the compliments
  2. The usability difficulty level of AppGuard is over-estimated; a novice can use AppGuard with accurate, knowledgeable guidance
  3. Admittedly, AppGuard is probably best suited to someone who possesses at least an intermediate working knowledge of Windows
  4. In a nutshell, AppGuard is a software restriction policy that blocks file types from User Space, runs Guarded Apps with limited access rights and provides process memory protections according to established policies
  5. File reputation lookup will never be implemented in AppGuard; it will always block all files per policy unless the user creates an exception through the various means to do so within AppGuard
  6. Clean install the OS, install desired software, lock-down the system with AppGuard; the system is clean and will remain clean with proper AppGuard use and user default-deny behaviors
  7. The whole point of AppGuard is to completely block the launch of executable code according to generically defined policy in the first place; if you allow unknown\untrusted executable files to launch on a system, then there is a significant risk that a malicious process can result in any of a vast array of problems - from bad user decisions to system\software malfunctions to a bypass
  8. Software restriction policy software as a class adheres to the philosophy that the user must make informed decisions about what to allow or block on a system and practice sound security habits - which until SkyNet comes along - shall remain the best means to protect a system
 
Last edited:

Andy Ful

Level 33
Content Creator
Verified
Joined
Dec 23, 2014
Messages
2,262
Operating System
Windows 10
Antivirus
Windows Defender
#20
  1. Thank you for the compliments
  2. The usability difficulty level of AppGuard is over-estimated; a novice can use AppGuard with accurate, knowledgeable guidance
  3. Admittedly, AppGuard is probably best suited to someone who possesses at least an intermediate working knowledge of Windows
  4. In a nutshell, AppGuard is a software restriction policy that blocks file types from User Space, runs Guarded Apps with limited access rights and provides process memory protections according to established policies
  5. File reputation lookup will never be implemented in AppGuard; it will always block all files per policy unless the user creates an exception through the various means to do so within AppGuard
  6. Clean install the OS, install desired software, lock-down the system with AppGuard; the system is clean and will remain clean with proper AppGuard use and user default-deny behaviors
  7. The whole point of AppGuard is to completely block the launch of executable code according to generically defined policy in the first place; if you allow unknown\untrusted executable files to launch on a system, then there is a significant risk that a malicious process can result in any of a vast array of problems - from bad user decisions to system\software malfunctions to a bypass
Thanks for the clear answer. I understand your point and wish Blue Ridge team the best.
Maybe in the future, you will consider to create something like SmartGuard ? :)
 
Likes: XhenEd
Status
Not open for further replies.