Hello friends!
Do you know which antivirus software currently on the market has default-deny modules, such as Kaspersky's Application Control? I am always trying to test new software, and since every AV keeps evolving and adding new features I have lost track of which ones include this technology and which antiviruses even exist right now lol.
You can make COMODO and Kaspersky true default-deny.
You have to disable cloud file reputation lookup in COMODO and KSN lookup in Kaspersky.
In COMODO you have to set the sandbox to Block.
In Kaspersky, you can enable TAM or just go with Application Control.
You have to set both to show alerts/notifications and not to take actions automatically.
I might be missing some details as it has been a very long time since I messed with either one in the true default-deny configuration.
If you disable any process in Kaspersky Application Control, they stupidly made it so that it will not notify you when the process is blocked. So all the blocks are silent and you are none the wiser if something is broken. Don't you think you would want an option to show alerts for user-disabled process blocks? I know I sure would. That info is valuable for both troubleshooting and security.
If you try either one configured for default-deny, you will quickly reach the conclusion that it is just better to run SRP.
Of the two, COMODO is a bit better for default-deny... because the sandbox alert will tell you what has been blocked.
HIPS is very informative. It provides information to you that clearly lets you know that something isn't right. You have to know your ecosystem. Information supplied to you is the most valuable thing there is, but you have to understand the information. Learning it is not that difficult.