AppGuard & NVT ERP

[FrankN209]

Sorry for the noob question.

What's the difference between these two programs? Would AppGuard catch stuff that NVT can't and vice versa? Would they work good together or just be redundant?

Thanks

 

[bribon77]

AppGuard is an SRP. NVT is an Anti-Exe. If you have AppGuard. I do not see necessary NVT.

 

[shmu26]

First of all, Appguard needs to be configured smartly if you want maximum protection. But ERP is configured fairly well, right out of the box.
Second of all, the big advantage of adding ERP to your security config, even if you already have Appguard, is that ERP gives you fine-grained control of vulnerable processes.
As an example: if you block cmd in Appguard, that's it, all executions of cmd will be blocked, even the executions that you want. But in ERP, you can set cmd to alert, thus you can allow the cmd executions that your software needs in order to be happy and healthy. The same is true of rundll32. In ERP, you have fine-grained control over it.
On the other side of the coin, there a lot of things that Appguard does, and ERP can't. You can block certain dlls, for instance. Even more important, you have Guarded Apps.

 

[Deleted member 178]

Sorry for the noob question.

What's the difference between these two programs? Would AppGuard catch stuff that NVT can't and vice versa? Would they work good together or just be redundant?

Thanks

AppGuard is an SRP. NVT is an Anti-Exe. If you have AppGuard. I do not see necessary NVT.

Appguard just block stuff based on your own-made policy.

ERP (by default) will ask you first what to do when it flag something.

AG also block drivers and dlls and protect the memory, ERP doesn't do these stuff.

Both can be used together, i do since ages.

AG is for static systems where the user know what he installs, not one where the user keep installing/uninstalling lot of apps.

 

[Deleted member 178]

My use of ERP beside Appguard is to:

1- monitor installers when i turn off AG when i install programs.

2- add more rules. in AG Solo, you are limited to 128 custom block rules. Using ERP allows you to complement AG by adding more rules.

 

[Deleted member 178]

Appguard + ERP is for me the best SRP/anti-exe combo, if you create your custom rules properly and then set both of them on Lockdown Mode, it will be very hard to get infected.

 

[blueblackwow65]

Don't forget Voodooshield and Crystal Security for other options.

 

[dragongate888]

one side question------
Voodoo Shield pro = AppGuard +NVT ERP ?

 

[Eddie Morra]

Voodoo Shield pro = AppGuard +NVT ERP ?

VoodooShield is not SRP like AppGuard.

 

[Deleted member 178]

one side question------
Voodoo Shield pro = AppGuard +NVT ERP ?

Lol, not even close.
You can only compare VS to ERP.
VS would be more user-friendly.

Unlike AppGuard, VS isn't SRP, it is anti-exe.
It doesn't contain processes in memory, doesn't directly block dlls and drivers, It only monitors exes and look them up on virus total or with its ML.

 

[RoboMan]

one side question------
Voodoo Shield pro = AppGuard +NVT ERP ?

LOL no
I like VoodooShield very much, but you're comparing apples with rotten zombie pears.

If you had to compare VS with ERP, that would be another thing. I would discuss the "user friendly" subject Umbra pointed out. The only thing that seems more user friendly is the alert dialog. But I've been using ERP for some days and I find it more easy and convenient that VS.

 

[shmu26]

Please keep in mind: Appguard is for dedicated and expert users -- or for people lucky enough to know such a user who can set it up for them, and teach them how to use it.

 

[509322]

Please keep in mind: Appguard is for dedicated and expert users -- or for people lucky enough to know such a user who can set it up for them, and teach them how to use it.

Learning how to use Microsoft Office is 100X more convoluted and difficult.

SRP uses only a handful of simple, easy to understand concepts that children and grandmas use every single day.

No matter what software one uses, the person needs to learn it as there is a learning curve with them all.

What we don't appreciate (actually most any publisher does not appreciate), is when a user installs a program and expects it to work for them without a single bit of effort on their part. No software works that way. And no software can meet that unrealistic expectation. Not even the most user-friendly software in the world meets that expectation. Look at something as simple as Shadow Defender with less than 10 settings, search the forums, and people have posted tons of questions about how to configure and use it.

There are users who find that the defaults satisfy them. Then there are the advanced users who are curious, willing to learn by putting forth the effort and maximize the protections provided by the soft. So all security softs generally offer users capabilities and protections across a spectrum.

 

[Deleted member 178]

if you had to compare VS with ERP, that would be another thing. I would discuss the "user friendly" subject Umbra pointed out. The only thing that seems more user friendly is the alert dialog. But I've been using ERP for some days and I find it more easy and convenient that VS.

Just for clarity sake, when i say user friendly, it is because the user doesn't need to be skilled to answer the prompts (if any),VS ratings or auto-pilot thingy make it easier.
With ERP you need some knowledge about LOLbins. It is why NVT developped OSA, more oriented for beginners.

 

[shmu26]

Learning how to use Microsoft Office is 100X more convoluted and difficult.

SRP uses only a handful of simple, easy to understand concepts that children and grandmas use every single day.

No matter what software one uses, the person needs to learn it as there is a learning curve with them all.

What we don't appreciate (actually no publisher appreciates), is when a user installs a program and expects it to work for them without a single bit of effort on their part. Well, not even the most user-friendly software in the world meets that expectation. Look at something as simple as Shadow Defender with less than 10 settings, search the forums, and people have posted tons of questions about how to configure and use it.

There users out there who use defaults. Then there is the advanced user who is curious, willing to learn by putting forth the effort and maximize the protections provided by the soft. So all security softs generally offer users capabilities and protections across a spectrum.

I agree that it's all a matter of expectations. It's a lot harder to drive a car in downtown traffic than it is to use Appguard, but people know that driving a car takes a lot of practice, Whereas they expect Windows applications to be no-brainers.

 

[Deleted Member 3a5v73x]

I like VoodooShield very much, but you're comparing apples with rotten zombie pears.

Which one is "rotten zombie pears" ?

 

[Deleted member 178]

Which one is "rotten zombie pears" ?

VS, Because the "I like... But"

 

[Deleted Member 3a5v73x]

VS, Because the "I like... But"

Butwho?

 

[509322]

Whereas they expect Windows applications to be no-brainers.

User problem.

Not the publisher or its software problem.

It's one of the main reasons that I argue for most users to get off Windows and move over to Chromebook.

It is my job to break stuff and otherwise to figure out what is wrong with software. Given the fact that software is highly problematic on the best of days, and people cannot handle those problems sufficiently, their emotional and mental health are better served by something more simple. And on the market at this time, the only viable option is Chromebook (and some would argue Android).

 

[Deleted member 178]

Butwho?

Does it really matters?