Advice Request Anyone Test WD + Hard_Configurator?

[509322]

Default-deny setup without AV is still OK, but it is hard to prove that it can be stronger than the setup with a good free AV.

It's not a good idea. Theoretically, default deny could replace antivirus, but still, it's just not a common sense move. If security is a high priority, then one should not use default deny as a single protection layer. Default deny is recommended as part of a security in-depth strategy.

Anyone who explicitly states "My product is bulletproof or very nearly bulletproof" is, well... use your own judgment.

 

[shmu26]

It isn't the AV industry. It is the IT security news that reports things in a manner that results in most everything being blown way out of proportion to reality. More often than not, it is someone from the AV industry who has to provide the perspective to people so that they stop freaking out about what they read in the most recent IT security news terror click-bait. I don't think half the people who report as part of IT security news even realize all the negative consequences of their indiscriminate and inaccurate-by-omission mal-reporting.

Not much different from the general news. For instance, I live in Israel, and based on the TV news you see in your country, you probably think I walk around with a helmet and an assault rifle, on those rare moments when I venture out of my bomb shelter.
Hah Hah Hah Hah Hah

 

[imuade]

It is more than fine for advanced users, and I would use it myself if wasn't for the performance issues and bugs (it gets in the way of my work a lot, as a programmer).

WD has always been resource-hungry on my PC too, but recently I have tried it and it was surprisingly quiet.
CPU and disk usage is always around zero (unless it's updating or scanning), RAM is around 100MB, my PC's boot time has slightly improved and the shutdown time has greately improved (before I was using Avast + Forticlient web filter).
I have noticed a slowdown in running the installed or portable SW, but then I made exclusions for them and now they open without any lag.
I don't know whether Microsoft made an update or something changed on my PC (the only change was to switch from Chromium to Firefox), but now WD is lighter than any AV I have tried

 

[Andy Ful]

I am glad that our discussion is not a fanboy-like. All of us advise the readers (not only MT members) what seems to be rational, basing on experience and facts. There is a place for very different points of view, if the discussion is far from negative emotions.
The thread was about the possibility of choosing Windows built-in security based on the native AV (Windows Defender) and Hard_Configurator Recommended Settings on Windows 10.
The below is a short summing up:

1. Recommended Hard_Configurator settings apply on Windows 10 the smart-default-deny protection, based on: Windows built-in SRP, forced SmartScreen Application Reputation, some activated policies, and hardening MS Office & Adobe Reader XI/DC applications.
2. The tests performed on Malware Hub suggest that this can be a strong setup against the threads in the wild including the 0-day malware of all kinds (also scripts, scriptlets, and fileless threads).
3. When dealing with new application installations, the setup strongly depends on SmartScreen Application Reputation. It can be bypassed (very rarely) by the 0-day malware with the code signing certificate stolen from the popular legal application or the malware with EV certificate. (MS SmartScreen and Application Reputation | DigiCert Blog). Any other signed malware and not signed malware (EXE, MSI) will be blocked.
4. Hard_Configurator settings will block file execution outside of the folders: C:\Windows and C:\Program Files. If the blocked files are from the legal applications then they should be whitelisted. This can be often a problem for the inexperienced users, and will require some learning.
5. In the more complex hardware/software configurations, the proper setup will require the help from an advanced user.
6. The setup does not introduce 3rd party real-time components, so it is fully compatible with Windows. It does not decrease the system performance and stability.

My personal thoughts.
In the home network environment, the above anti-malware prevention level should be comparable with something like Kaspersky Anti Virus (tweaked), which is more user-friendly for the inexperienced users. So, it is the user's choice of which security is better for him/her. Many users prefer usability over compatibility, so something like KAV (or another decent 3rd party AV) will be a good choice for them.

From my point of view (administrator of 4 home computers), I prefer the WD + H_C for compatibility reasons. I have very little to do (2 years left), because there are no infections, no problems with Windows Updates/Upgrades, and generally no problems at all. There was only one accident when my son tried to install the game patch (JSE script) and totally disabled all protection, because the patch seemed to be safe on Virus Total (it was still "safe" after several days). After turning on the protection, he noticed the difference (no slowdowns, script blocked on autostart), so I could remove the malware easily.

let's be safe

 

[509322]

I am glad that our discussion is not a fanboy-like. All of us advise the readers (not only MT members) what seems to be rational, basing on experience and facts. There is a place for very different points of view, if the discussion is far from negative emotions.
The thread was about the possibility of choosing Windows built-in security based on the native AV (Windows Defender) and Hard_Configurator Recommended Settings on Windows 10.
The below is a short summing up:

1. Recommended Hard_Configurator settings apply on Windows 10 the smart-default-deny protection, based on: Windows built-in SRP, forced SmartScreen Application Reputation, some activated policies, and hardening MS Office & Adobe Reader XI/DC applications.
2. The tests performed on Malware Hub suggest that this can be a strong setup against the threads in the wild including the 0-day malware of all kinds (also scripts, scriptlets, and fileless threads).
3. When dealing with new application installations, the setup strongly depends on SmartScreen Application Reputation. It can be bypassed (very rarely) by the 0-day malware with the code signing certificate stolen from the popular legal application or the malware with EV certificate. (MS SmartScreen and Application Reputation | DigiCert Blog). Any other signed malware and not signed malware (EXE, MSI) will be blocked.
4. Hard_Configurator settings will block file execution outside of the folders: C:\Windows and C:\Program Files. If the blocked files are from the legal applications then they should be whitelisted. This can be often a problem for the inexperienced users, and will require some learning.
5. In the more complex hardware/software configurations, the proper setup will require the help from an advanced user.
6. The setup does not introduce 3rd party real-time components, so it is fully compatible with Windows. It does not decrease the system performance and stability.

My personal thoughts.
In the home network environment, the above anti-malware prevention should be comparable with something like Kaspersky Anti Virus (tweaked), which is more user-friendly for the inexperienced users. So, it is the user's choice of which security is better for him/her. Many users prefer usability over compatibility, so something like KAV (or another decent 3rd party AV) will be a good choice for them.

From my point of view (administrator of 4 home computers), I prefer the WD + H_C for compatibility reasons. I have very little to do (2 years left), because there are no infections, no problems with Windows Updates/Upgrades, and generally no problems at all. There was only one accident when my son tried to install the game patch (JSE script) and totally disabled all protection, because the patch seemed to be safe on Virus Total (it was still "safe" after several days). After turning on the protection, he noticed the difference (no slowdowns, script blocked on autostart), so I could remove the malware easily.

let's be safe

Most inexperienced users will gravitate towards 3rd-party solutions. Those that come to the forums and do research will see what others are using, they will probably also look at the various online reviews and test lab results in selecting their softs.

If the person sticks with it as a hobby, then we all know what they used on day 1 will not be what they are using 2 years down the line.

So these debates about "What is best..." is wasted effort. How much influence do people think these forums actually have ? The sphere of influence is minuscule... essentially zero... when compared to the overall numbers.

 

[bribon77]

I am glad that our discussion is not a fanboy-like. All of us advise the readers (not only MT members) what seems to be rational, basing on experience and facts. There is a place for very different points of view, if the discussion is far from negative emotions.
The thread was about the possibility of choosing Windows built-in security based on the native AV (Windows Defender) and Hard_Configurator Recommended Settings on Windows 10.
The below is a short summing up:

1. Recommended Hard_Configurator settings apply on Windows 10 the smart-default-deny protection, based on: Windows built-in SRP, forced SmartScreen Application Reputation, some activated policies, and hardening MS Office & Adobe Reader XI/DC applications.
2. The tests performed on Malware Hub suggest that this can be a strong setup against the threads in the wild including the 0-day malware of all kinds (also scripts, scriptlets, and fileless threads).
3. When dealing with new application installations, the setup strongly depends on SmartScreen Application Reputation. It can be bypassed (very rarely) by the 0-day malware with the code signing certificate stolen from the popular legal application or the malware with EV certificate. (MS SmartScreen and Application Reputation | DigiCert Blog). Any other signed malware and not signed malware (EXE, MSI) will be blocked.
4. Hard_Configurator settings will block file execution outside of the folders: C:\Windows and C:\Program Files. If the blocked files are from the legal applications then they should be whitelisted. This can be often a problem for the inexperienced users, and will require some learning.
5. In the more complex hardware/software configurations, the proper setup will require the help from an advanced user.
6. The setup does not introduce 3rd party real-time components, so it is fully compatible with Windows. It does not decrease the system performance and stability.

My personal thoughts.
In the home network environment, the above anti-malware prevention should be comparable with something like Kaspersky Anti Virus (tweaked), which is more user-friendly for the inexperienced users. So, it is the user's choice of which security is better for him/her. Many users prefer usability over compatibility, so something like KAV (or another decent 3rd party AV) will be a good choice for them.

From my point of view (administrator of 4 home computers), I prefer the WD + H_C for compatibility reasons. I have very little to do (2 years left), because there are no infections, no problems with Windows Updates/Upgrades, and generally no problems at all. There was only one accident when my son tried to install the game patch (JSE script) and totally disabled all protection, because the patch seemed to be safe on Virus Total (it was still "safe" after several days). After turning on the protection, he noticed the difference (no slowdowns, script blocked on autostart), so I could remove the malware easily.

let's be safe

Well said @Andy Ful. It is the thread. And there is no doubt about it. that WD + H_C, is a solid configuration. (Provided you have resources) Because WD is a big consumer.