An excellent summation. But between SpyShelter and AppGuard with ESET I personally would choose AG all the way.Either Eset + ApGuard or Eset + SpyShelter would be enough. More important is a proper configuration (attack surface reduction) than adding another security applications.
The cautious users are pretty much safe if they can:
It is not especially important if SRP or Anti-Exe, or Sandboxing, is used for that. That is usually, also a strong anti-exploit prevention, because the exploit is unarmed in the restricted environment or cannot be executed, or if executed, then cannot run/download something else.
- open the unsafe files (from the Internet or removable sources) in the properly restricted environment or blocks them (if not needed, like scripts);
- disable SMB protocols, and remote services;
Things are more complicated with the kernel exploits, but fortunately, Windows Updates can provide the sufficient protection, so far.
In-memory attacks (from the network) are dangerous for organizations and for the people, who use the public networks. In the second case the strong firewall should be sufficient.
In the case of organizations, the ATP features will be required, which are
based on: Memory Isolation + Memory & Network Monitoring + Machine Learning & Artificial Intelligence + Credential Protection + Data Encryption, etc.