App Review AppGuard (Demonstration and Reviews)

[shmu26]

I don't like this kind of program at all. blocking everything is not protecting. It would be a more successful program if it detected and blocked trusted programs.

AppGuard is designed for an IT guy working in a corporation to write a policy to properly control the company computers. A skilled home user could use it to craft a policy that works for him or her.
As Andy said, there are various levels of protection. You don't have to use the lockdown mode if you don't want to.

 

[Andy Ful]

AppGuard is designed for an IT guy working in a corporation to write a policy to properly control the company computers. A skilled home user could use it to craft a policy that works for him or her.
As Andy said, there are various levels of protection. You don't have to use the lockdown mode if you don't want to.

Ha, ha.
I fully agree, but @Lockdown (AppGuard staff member) did reiterate a few times that even his old mother uses ApGuard without problems (although he probably configured AppGuard).

Edit.
Greetings to @Lockdown, he was one of a few MT members I liked most.

 

[shmu26]

Ha, ha.
I fully agree, but @Lockdown (AppGuard staff member) did reiterate a few times that even his old mother uses ApGuard without problems (although he probably configured AppGuard).

Edit.
Greetings to @Lockdown, he was one of a few MT members I liked most.

+1
I agree with your words and your greetings and your emoticons...

 

[Azerty123]

Andy Ful​

Appguard and even Hard Configurator don't come close to the level of customization we have in simple software restriction policy, you can easily edit the extensions you want to be blocked, lolbins (AWL bypass Lolbins) or folders you want to be blocked (some windows folders are user writable). the only issues i have with it is that we can't modify the default whitelist and Also a user can easily modify the softwarepolicy.ini file located in C:\Windows\SoftwarePolicy\ folder.

 

[Andy Ful]

Andy Ful​

Appguard and even Hard Configurator don't come close to the level of customization we have in simple software restriction policy

That is true - Simple Software Restriction Policy (SSRP) can be very customizable and effective - both in securing and hurting people. Most of the time I spent when creating H_C, was for thinking about which SRP capabilities should be disabled to prevent users from hurting themselves and making overcomplicated setups. Next, I prepared several predefined setting profiles to help users avoid overcomplicated and unsafe setups (yes even with H_C one can still spoil the setup). A similar (and more professional) approach can be seen in AppGuard.
Furthermore, the restrictions used by AppGuard and H_C are different compared to the typical SRP setup because they use additional security layers.

, you can easily edit the extensions you want to be blocked, lolbins (AWL bypass Lolbins) or folders you want to be blocked (some windows folders are user writable). the only issues i have with it is that we can't modify the default whitelist and Also a user can easily modify the softwarepolicy.ini file located in C:\Windows\SoftwarePolicy\ folder.

Almost all of this (except non-important details) can be safely done in the AppGuard and H_C.
AppGuard is not only for replicating the SRP restrictions. The main difference is a kind of restriction Sandbox, so the processes can run restricted (not blocked like in SRP). That is why sometimes the attacker can perform limited spying, but cannot hurt the system.
Anyway, bypassing AppGuard in the wild is hardly possible, except for highly targeted attacks, when the attacker strictly wants to compromise AppGuard.

 

[Viking]

Holy hell! Annual Price: $89.95! I don't care how good an app is, you'd be much better of using OSArmor @ $10/year and adding Terabyte's Image for Windows $30/lifetime and you'd still come out ahead. That price is ridiculous!

Appguad Solo is $142.95 here in Australia

 

[silversurfer]

Ha, ha.
I fully agree, but @Lockdown (AppGuard staff member) did reiterate a few times that even his old mother uses ApGuard without problems (although he probably configured AppGuard).

Edit.
Greetings to @Lockdown, he was one of a few MT members I liked most.

Seriously? You should have noticed for several times, former member @Lockdown never "really" gone away from MT. Impossible to count all his new created user accounts here

To be on topic. Why doing a video review about AppGuard? it's probably the most expensive security software for home users, makes sense for business only

 

[Shadowra]

To be on topic. Why doing a video review about AppGuard? it's probably the most expensive security software for home users, makes sense for business only

The request was made to me and I did not know him

 

[ForgottenSeer 69673]

I don't like this kind of program at all. blocking everything is not protecting. It would be a more successful program if it detected and blocked untrusted programs.

My post above shows you can add programs you do not want blocked.

 

[Kongo]

The request was made to me and I did not know him

Still interesting after all. Actually would like to see more people testing endpoint protection software.

 

[ForgottenSeer 69673]

Here is a humor video from the Appguard team on how to hack a company through their fish tank. and Ninja bikers stealing laptops from a cab.

Vulnerabilities You Aren’t Prepared For - The Craziest Hacks You’ve Ever Heard Of - AppGuard

www.appguard.us

 

[wat0114]

Holy hell! Annual Price: $89.95! I don't care how good an app is, you'd be much better of using OSArmor @ $10/year and adding Terabyte's Image for Windows $30/lifetime and you'd still come out ahead. That price is ridiculous!

Agreed. As much as I've been intrigued with this program for several years, and I know it can provide powerful enforcement, I can't justify paying that much for it annually as a home user.

My Windows 11 security setup of OSArmor, $16 Cdn annually, paired with Defender/H_C combo is probably overkill in itself. Backups are done with IFW.

 

[jetman]

It makes me wonder whether the average home user would be safer using iOS or Chrome OS for their everyday Internet use. Presumably, those operating systems have in-built protection that would make something like Appguard redundant ?

Out of intertest, is Appguard substantially more secure than Voodooshield which (if I understand correctly) is also an anti-exe ?

 

[Kongo]

It makes me wonder whether the average home user would be safer using iOS or Chrome OS for their everyday Internet use. Presumably, those operating systems have in-built protection that would make something like Appguard redundant ?

Out of intertest, is Appguard substantially more secure than Voodooshield which (if I understand correctly) is also an anti-exe ?

AppGuard isn't an anti-exe software.

App Review - AppGuard (Demonstration and Reviews)

Hello and welcome to the AppGuard demo and test! This software is not an antivirus, but its protection function is interesting. It is an "Anti-exe" software, in other words, it will stop any suspicious launch (which is made by a malware or by you). The software is easy to use, there is only one...

malwaretips.com

 

[shmu26]

It makes me wonder whether the average home user would be safer using iOS or Chrome OS for their everyday Internet use. Presumably, those operating systems have in-built protection that would make something like Appguard redundant ?

Out of intertest, is Appguard substantially more secure than Voodooshield which (if I understand correctly) is also an anti-exe ?

ChromeOS would be a very good choice, security-wise.

AppGuard has a few tricks up its sleeve that Voodooshield does not. One of them, which others have already mentioned, is the restricted apps feature. Another is the memory protection feature. There are more.

On the other hand, Voodooshield is MUCH more user-friendly, and comes with a robust configuration out of the box, so you don't need expertise to use it effectively. It has features that AppGuard does not. Most notably, it uses Ai to calculate the riskiness of unknown processes, and responds accordingly, as well as informing and enabling the user to make an intelligent decision in grey areas.

In short, extreme security enthusiasts with sufficient funds and patience are likely to lean toward AppGuard.

 

[ForgottenSeer 69673]

I am not aware of anyone who really bypassed AppGuard with enhanced settings. One of the persons you have mentioned was actually me. But, I bypassed only the default settings. I sent the working POC to the AppGuard staff. I saw a "bypass" (shown in a video clip), but it was not a full bypass. Although the attacker could perform some spying (If I correctly recall), the malicious actions could not survive restarting the system.
Could you help me to find another bypass "malware that used one of the approved certificates"?

Edit.
I remember that I reported this bypass to MT, but it seems that this post (and thread) was removed.

HI Andy

Yes I remember the post you mentioned. Since you came forth, yes you were one of the ones I was referring to.
I will contact the other member and see if that person would be willing to talk with you about their bypass. I don't know if they also used default settings but guessing they did.
Good ol Lockdown. He used to say read the damn help file and if you still don't get it, I will try help you.

 

[ForgottenSeer 69673]

I use Appguard because I have a lifetime Lic otherwise the price would scare me away too. There are many users here with lifetime Lics that dont use Appguard any longer. Maybe one of them would be willing to sell their copy? shmu26. I know you have one. The version I have is as good to me as the new Solo version. Most people want great protection with free software and then those that buy, you have to ask how much they are spending per year for what they use now? My Appguard, Shadow Defender, Fort Knox Firewall are all lifetime Lics. My Voodooshield is good till 2025, so i think I am good for a while.. PLUS Marcrium Reflect Free which I love.

 

[shmu26]

I use Appguard because I have a lifetime Lic otherwise the price would scare me away too. There are many users here with lifetime Lics that dont use Appguard any longer. Maybe one of them would be willing to sell their copy? shmu26. I know you have one. The version I have is as good to me as the new Solo version.

Hi, actually, I don't have a lifetime license. I came too late to the party. I got pretty heavily involved in AppGuard at a certain point, and that entitled me to a certain type of license, but it has expired. I haven't used the program in a couple years (he says nostalgically...)

The type of person who enjoys the challenge of configuring and using AppGuard is in a high-risk category to switch over to linux. And after Ubuntu and MX, to march on to Arch...

 

[Andy Ful]

Seriously? You should have noticed for several times, former member @Lockdown never "really" gone away from MT. Impossible to count all his new created user accounts here
...

There is no proof for that, but yes, I can feel his spirit in several posts.
Anyway, even if this is true he has probably good reasons to post anonymously and I respect his choice.

 

[Andy Ful]

Using AppGuard is one thing, but using outdated software (like ver. 4) is another thing. AppGuard Solo has got several important updates to be most compatible with Windows 10. So, there can be problems with using AppGuard 4 on some computers. Anyway, the security abilities of ver. 4 are still very strong. If one uses AppGuard 4 at home without problems, then it is a good solution.