Advice Request Adaptive Defence 360

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
[QUOTE="Emmanuellws, post: 612814, member: 60108"] Well, application whitelisting is the way to go to fight zero-day ransomware. With a deadline on resolving the ransomware and zero-day malware given to me by management, I was too consumed with the limited number of products I mentioned earlier, until I ended up with Panda Adaptive Defense 360. At last AD360 is in place... and now I can sleep soundly without nightmares. Thanks for sharing the brief info on AppGuard. [/QUOTE]

Hello, so to resume, I keep my AV Emsisoft security and I add an anti-executable like Voodooshield and I get a barrier almost impassable

Hello, Yes... I read some forums recommended that Voodooshield combined with any light and traditional AV is a very strong combination. Of course, you can try it for free for home personal use only. I tried it before with an Avast and Voodooshield combination... it's very good actually. I'm sure it will do good for your AV too... Voodooshield will add extra protection to your machine, with built-in VirusTotal opinion and a free Cuckoo Sandbox. Try it... you will be very impressed.
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
Some samples already classified as malware by Panda Labs.
upload_2017-3-27_17-44-26.png
upload_2017-3-27_17-45-1.png

Currently only 12 popular AVs detected this malware.
upload_2017-3-27_17-46-3.png

Other screenshot...
upload_2017-3-27_17-51-32.png
 


Emmanuellws

Level 3
Verified
Mar 11, 2017
132
A really fresh malware... doc with PowerShell script executed...
upload_2017-3-27_23-3-28.png

On VirusTotal... at this point in time as I post...
upload_2017-3-27_23-4-41.png

Another attack failed, being blocked by Panda Adaptive Defense 360. This is really a zero-day malware... phewww...
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
That is totally expected because of its whitelisting part. :)
I think any good whitelisting app will be able to block that (e.g. Kaspersky with TAM enabled, and Comodo Firewall). :)
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
[QUOTE="XhenEd"]
That is totally expected because of its whitelisting part. :)
I think any good whitelisting app will be able to block that (e.g. Kaspersky with TAM enabled, and Comodo Firewall). :)
[/QUOTE]
I have the same idea.
So this Panda Adaptive 360 is quite similar to Kaspersky with TAM or Comodo, only allowing whitelisted apps to run.

The good thing is Comodo is free. I think Panda 360 is not cheap.
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
[QUOTE="Evjl's Rain"]
I have the same idea.
So this Panda Adaptive 360 is quite similar to Kaspersky with TAM or Comodo, only allowing whitelisted apps to run.

The good thing is Comodo is free. I think Panda 360 is not cheap.
[/QUOTE]
Panda Adaptive Defense is an enterprise product, so I already expected it to have good blocking ability against unknown apps, considering it must protect businesses.
I think it's a standard for an enterprise product to have "whitelisting" ability.
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
[QUOTE="XhenEd"]
Panda Adaptive Defense is an enterprise product, so I already expected it to have good blocking ability against unknown apps, considering it must protect businesses.
I think it's a standard for an enterprise product to have "whitelisting" ability.
[/QUOTE]

This can really cripple productivity, it simply cannot be and it isn't implemented in many cases (like many medical institutes).
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
[QUOTE="Evjl's Rain"]
I have the same idea.
So this Panda Adaptive 360 is quite similar to Kaspersky with TAM or Comodo, only allowing whitelisted apps to run.

The good thing is Comodo is free. I think Panda 360 is not cheap.
[/QUOTE]

Not sure what you consider cheap... when in Malaysia it costs us RM70 per license - 1 year subscription.
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
[QUOTE="Amelith Nargothrond"]
This can really cripple productivity, it simply cannot be and it isn't implemented in many cases (like many medical institutes).
[/QUOTE]

It won't cripple productivity... because Panda already classified all known software as badware, goodware, PUP, malware and unknown... unlike Voodooshield, where you have to start your own list... In their Big Data they already classified millions of apps and files... you can check their security models on their website. Don't get me wrong... I like Voodooshield... especially their Sandbox feature... you can see the malware executed live.
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
[QUOTE="Emmanuellws"]
It won't cripple productivity... because Panda already classified all known software as badware, goodware, PUP, malware and unknown... unlike Voodooshield, where you have to start your own list... In their Big Data they already classified millions of apps and files... you can check their security models on their website.
[/QUOTE]

OK :)
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
Classification Status of my organization's installed software and files...sample
upload_2017-3-27_23-36-7.png


They use machine learning techniques and hashes and checks by Panda Labs staff to classify all these files into their Big Data so they can have a new and updated classification of programs and files.
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
[QUOTE="Amelith Nargothrond"]
This can really cripple productivity, it simply cannot be and it isn't implemented in many cases (like many medical institutes).
[/QUOTE]
It won't. Well, it won't cripple productivity as long as the admin or the IT department is competent enough to have whitelisted all that needs to be allowed. :D
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
[QUOTE="XhenEd"]
It won't. Well, it won't cripple productivity as long as the admin or the IT department is competent enough to have whitelisted all that needs to be allowed. :D
[/QUOTE]

Of course, for custom-tailored software for the organization... the IT admin will do the job, hahaha... but if we are unsure... we let Panda's Big Data and the Labs do the classification for us.
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
[QUOTE="XhenEd"]
It won't. Well, it won't cripple productivity as long as the admin or the IT department is competent enough to have whitelisted all that needs to be allowed. :D
[/QUOTE]

It will and it does. It's a dynamic environment. Sick people are getting analysis results on flash memory and CDs, all with different apps. There's not an IT department in the world that will FIRST invite the patient to their PC and whitelist the app, propagate the changes and send the patient back to the doctor. I work at one of those institutes, I know.
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
[QUOTE="Amelith Nargothrond"]
It will and it does. It's a dynamic environment. Sick people are getting analysis results on flash memory and CDs, all with different apps. There's not an IT department in the world that will FIRST invite the patient to their PC and whitelist the app, propagate the changes and send the patient back to the doctor. I work at one of those institutes, I know.
[/QUOTE]

These are the challenges with existing app-whitelisting-based products...
That's why PAD360 allows the IT admin to define different policies for different departments or individuals... it also allows the IT admin to allow any apps that are blocked, through the cloud. You can set exclusions as well... all done through the cloud. You don't have to do anything at the user level. Just let it sync and do the changes.

Example of a policy
upload_2017-3-28_0-11-40.png

Firewall Policy settings from the cloud
upload_2017-3-28_0-14-14.png

Device Control settings from the cloud
upload_2017-3-28_0-15-22.png

Web Access Control
upload_2017-3-28_0-16-0.png

You can split the settings by dept
upload_2017-3-28_0-16-52.png

You can move a computer from another policy folder to another policy folder.

I found very detailed technical specs of how Panda Adaptive Defense 360 works... here
upload_2017-3-28_0-22-57.png

Adaptive Defense Model
upload_2017-3-28_0-23-45.png

upload_2017-3-28_0-25-23.png

Event Analysis
upload_2017-3-28_0-26-13.png

OK... I think this is too much... but you can read it for yourself here
http://pandasecurity.ir/files/documents/ADAPTIVEDEFENSE-manual-EN 1.2.pdf
Not sure if it is outdated or if there is a new update available.
 