AppGuard - Have you tried this program?

Status
Not open for further replies.

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
It is enough for untargeted typical home user to protect physical system, but for targeted systems it can do little except perhaps delay the inevitable.

Targeted systems - like most government agencies - are doomed to be hacked sooner or later - no matter what security softs are being used.

If home user system is targeted, same result = smashed.

The question is whether AppGuard would delay the inevitable by a few hours up to months or longer. That all depends upon the hackers - their determination, resources, skill, what they are attempting to do, use social engineering, etc.

No security soft can guarantee protection against targeted attacks -- despite what claims are made by the vendors, fanboys, etc.
Simple. Offer the target an installation file. Then, attack! :D
 

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
I have tried it in the past but it was both complicated and somewhat annoying imo...I don't have a license anymore, so unless I win it in a giveaway and/or they change some things to make it a bit more user friendly I doubt I'll ever buy it. My close to perfect combo is Sandboxie + ERP and sometimes the trio of SBIE+ERP+SD :)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Appguard like others are known as preventive measures to lessen the worst attack however because of numerous techniques occurred, bypass percentage are high.

It is in the implementation of the system from beginning on how the access must be tighten in order to complete on the setup.
 
D

Deleted member 2913

Currently NO. But I test Voodoo Shield Beta 3 new builds & once it goes final will be trying on my system.

I tried AppGuard, NVT & VS & for my use I find VS good & also the easiest to use than the other 2.
 

Mineria

Level 3
Verified
Mar 19, 2016
128
Appguard wasn't created for Home users , home users are the weakest link in the chain. Appguard is made to block the common attack vectors used by malwares (not hackers); there is a difference. Hackers need human mistakes to work , malwares need system/security flaws/hole. common home users allow both.
Exactly.
That is also the main headache for us IT technicians/administrators, adding anti exe to the system images is the future.
Problem is that leaders and bosses didn't see the light yet, they usually first get it when bad things happen, additional anti exe politics might be impractical in development environments.
I clearly remember the bitching from a group of developers when they tested Windows versions beyond 7 because of it's improved security measures, imagine these people with an anti exe on their system....
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
I recently bought AppGuard for this PC after some reading. The problem I have with both of my PC's one of which is my daughters is that they get used by others (idiots?) while I am out which does cause concern to me :) I did have WAR on this PC but removed it as they (AppGuard) do the same thing albeit in different ways?? Though IMO WAR isn't that good & has an interface that would have been fine with Windows 3 - I now have Panda AV Pro, HPA, & ZAM & AppGuard, (oh & a lifetime licence I got 100 years ago for Trojan Remover) along with Malwarebytes which is used at the moment for occasional use as for me 3 isn't working properly yet & will probably always be used for an occasional scan (lifetime licences) on this PC, other PC' & Laptop have similar.

Gradually finding my way around AppGuard & going to get a second licence for my daughter's PC after the holidays. Any comments on anything I've put would be helpful. I don't have any problems buying security software though in 20+ years of using the net I've only had one infection loose on any system, but I've always been a little (very?) paranoid about security. Best protection I have though is Reflect Image & multiple backups of all data. So far most impressed with AppGuard..... Regards Paul
 
5

509322

I recently bought AppGuard for this PC after some reading. The problem I have with both of my PC's one of which is my daughters is that they get used by others (idiots?) while I am out which does cause concern to me :) I did have WAR on this PC but removed it as they (AppGuard) do the same thing albeit in different ways?? Though IMO WAR isn't that good & has an interface that would have been fine with Windows 3 - I now have Panda AV Pro, HPA, & ZAM & AppGuard, (oh & a lifetime licence I got 100 years ago for Trojan Remover) along with Malwarebytes which is used at the moment for occasional use as for me 3 isn't working properly yet & will probably always be used for an occasional scan (lifetime licences) on this PC, other PC' & Laptop have similar.

Gradually finding my way around AppGuard & going to get a second licence for my daughter's PC after the holidays. Any comments on anything I've put would be helpful. I don't have any problems buying security software though in 20+ years of using the net I've only had one infection loose on any system, but I've always been a little (very?) paranoid about security. Best protection I have though is Reflect Image & multiple backups of all data. So far most impressed with AppGuard..... Regards Paul

Since 3rd parties unknown are using your daughter's system, I suggest running in Locked Down mode. Even better would be locking them out of the Admin account by enabling the Standard User Account and password protecting both. These measures are all undone if the Admin account password is shared.

The AVs and anti-exploit you have installed are sufficient. Actually, they are overkill - unless someone is routinely lowering AppGuard's protection to "Allow Install" and installing programs.

Chrome, Firefox, MicrosoftEdge are all auto-detected by AppGuard and added to the Guarded Apps list and run with limited access rights and memory protections. If a different browser is being used, then add it to the Guarded Apps list with Privacy set to YES.

The same applies to any non-Microsoft Office suite being used, but in that case you want to set Privacy to NO. You want to do it this way so those text editor\spreadsheet\presentation programs can save created to MyPrivateFolder (a file vault).

If any Guarded Apps are exploited, then the payload will inherit the Guarded Apps's restrictions and also will not be allowed to launch.

Don't get carried away and add a whole bunch of programs to Guarded Apps. Stick to the fundamentals - commonly exploited programs = browsers, archivers, office suite programs, video players, etc. It would essentially be the same as those programs that are auto-added by HMP.A to its protection list.

Disable Flash - unless it is needed. Some online course work portals use it.

Any questions about use, just ask.

PS - You didn't mention if it is desktop or laptop. If it is a laptop and your daughter is using public hotspot wifi, then you need a firewall. Post back and we'll give you some suggestions.
 
Last edited by a moderator:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I don't use it because I am not paranoid enough to put myself through that amount of pain and expense, when I already have more than enough protection without it.
 
  • Like
Reactions: Solarlynx and AtlBo

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Pain ?

AppGuard is a simple software restriction policy soft. Very little configuration is required.

If my 92 year old grandmother can use it without issue, then so can anyone.
after you set it up for her according to her limited needs, I am not surprised that everything works smoothly. You are number #1 security genius!
 
Last edited:
  • Like
Reactions: AtlBo
D

Deleted Member 3a5v73x

There is one "Pain" thing i see as a home user who would like to use AppGuard. It may be silly, but as a student i can't afford 30eur, every year for particular PC software, it may not be much maybe, but i have many times emailed your support and ask for any discounts, and there were none. I know and understand that AppGuard is not targeted at home users, but i would gladly consider buying it, if it was, for example 50% price-off for students. No love from BRN, even if its Christmas.. :(
 
5

509322

after you set it up for her according to her limited needs, I am not surprised that everything works smoothly. You are the number #! security genius!

I installed it, but she runs it in default Protected mode. She only had to create two exceptions to allow for manual updates of Windows Defender from User Space.

That's all that was required.

What increases her security significantly is the fact that she doesn't download files. Her online activities involve the church, cats and bridge (card game). Not exactly high-risk web activity.
 
5

509322

There is one "Pain" thing i see as a home user who would like to use AppGuard. It may be silly, but as a student i can't afford 30eur, every year for particular PC software, it may not be much maybe, but i have many times emailed your support and ask for any discounts, and there were none. I know and understand that AppGuard is not targeted at home users, but i would gladly consider buying it, if it was, for example 50% price-off for students. No love from BRN, even if its Christmas.. :(

If I could do something for you personally on that front, I surely would, but I can't. Such matters aren't my department.

That you bring this up today - of all days - is so appropriate. It's like Santa Claus - you won't get it unless you keep asking for it. It's like Ralphie who kept asking for that Red Rider BB gun all year long - even in June, July and August.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I installed it, but she runs it in default Protected mode. She only had to create two exceptions to allow for manual updates of Windows Defender from User Space.

That's all that was required.

What increases her security significantly is the fact that she doesn't download files. Her online activities involve the church, cats and bridge (card game). Not exactly high-risk web activity.
sorry for typo, I meant to say #1 genius, but I hit the exclamation point after the pound key, by mistake...
 
5

509322

sorry for typo, I meant to say #1 genius, but I hit the exclamation point after the pound key, by mistake...

I appreciate the compliment.

I started out just like everybody else and put in tons of hours - and I haven't even scratched the surface yet.

Once again, it's that whole learn-by-doing thingy.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Since 3rd parties unknown are using your daughter's system, I suggest running in Locked Down mode. Even better would be locking them out of the Admin account by enabling the Standard User Account and password protecting both. These measures are all undone if the Admin account password is shared.

The AVs and anti-exploit you have installed are sufficient. Actually, they are overkill - unless someone is routinely lowering AppGuard's protection to "Allow Install" and installing programs.

Chrome, Firefox, MicrosoftEdge are all auto-detected by AppGuard and added to the Guarded Apps list and run with limited access rights and memory protections. If a different browser is being used, then add it to the Guarded Apps list with Privacy set to YES.

The same applies to any non-Microsoft Office suite being used, but in that case you want to set Privacy to NO. You want to do it this way so those text editor\spreadsheet\presentation programs can save created to MyPrivateFolder (a file vault).

If any Guarded Apps are exploited, then the payload will inherit the Guarded Apps's restrictions and also will not be allowed to launch.

Don't get carried away and add a whole bunch of programs to Guarded Apps. Stick to the fundamentals - commonly exploited programs = browsers, archivers, office suite programs, video players, etc. It would essentially be the same as those programs that are auto-added by HMP.A to its protection list.

Disable Flash - unless it is needed. Some online course work portals use it.

Any questions about use, just ask.

PS - You didn't mention if it is desktop or laptop. If it is a laptop and your daughter is using public hotspot wifi, then you need a firewall. Post back and we'll give you some suggestions.

Thanks for that information! AppGuard is actually less complicated than it first seemed on initial installation it & read the blurb as I really wondered then if it was completely beyond my abilities. it Though it will be quite some time :) before I really understand it, I'm slowly beginning to realise it's probably one of the best security programs I've ever used.
 
  • Like
Reactions: AtlBo

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Thanks for that information! AppGuard is actually less complicated than it first seemed on initial installation it & read the blurb as I really wondered then if it was completely beyond my abilities. it Though it will be quite some time :) before I really understand it, I'm slowly beginning to realise it's probably one of the best security programs I've ever used.
it's so good, once you get used to it, you will never go back.
 
  • Like
Reactions: AtlBo

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
Pain ?

AppGuard is a simple software restriction policy soft. Very little configuration is required.

If my 92 year old grandmother can use it without issue, then so can anyone.
What's the difference between software restriction policy and anti-executable and how do the current products under them compare? Are there any redundancies between them or do they cover each other? People's posts suggests there are differences.
 
  • Like
Reactions: AtlBo and shmu26
5

509322

What's the difference between software restriction policy and anti-executable and how do the current products under them compare? Are there any redundancies between them or do they cover each other? People's posts suggests there are differences.

Just a general comparison:

Basically, an anti-executable uses a whitelist and blacklist of processes. Whitelisted processes are allowed to execute whereas blacklisted processes are either blocked or generate an alert (within which the user can allow or block). Some have the capability to alert when rundll32 executes and then the user can allow\block or permanently whitelist the command line. A few can monitor the loading of dlls. Anti-executable alerts are very HIPS-like.

On the other hand, software restriction policies can be set to allow and block processes according process name, file path, folder, etc. They can also be set to prevent read\writes to the file system and block the execution of specific file types (e.g. *.js, *.vbs, *.cmd, *.bat, etc, etc). Some even allow\block the loading of dlls according to policies. Finally, AppGuard will run commonly exploited programs in System Space - like browsers - and programs executed from User Space - with limited access rights and memory protections - thereby protecting the system. In short, there is a lot more flexibility with software restriction policy software compared to an anti-executable. There are no alerts other than block alerts from SRP softs.
 
5

509322

Thanks for that information! AppGuard is actually less complicated than it first seemed on initial installation it & read the blurb as I really wondered then if it was completely beyond my abilities. it Though it will be quite some time :) before I really understand it, I'm slowly beginning to realise it's probably one of the best security programs I've ever used.

It's not difficult.

If you have questions then ask away here at MT or over at the Wilders AppGuard sub-forum.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top