Appguard Technology explained

Discussion in 'AppGuard (Blue Ridge Networks)' started by Umbra, Apr 30, 2017.

?

Would you use Appguard ?

  1. Yes, i understand it enough to run it alone

    30.4%
  2. Yes, but with another security software alongside.

    34.8%
  3. No, i don't like the concept

    15.2%
  4. No, too complicated to me, i don't have the knowledge to use it properly

    19.6%
  1. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,677
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    http://ww1.prweb.com/prfiles/2010/05/11/1052624/AppGuardTechWhitePaper.pdf

    old documentation but still valid

    note this about HIPS:

     
  2. Winter Soldier

    Winter Soldier Level 25

    Feb 13, 2017
    1,466
    10,343
    PLC programmer - Robotics industry
    Wormhole
    Windows 10
    Emsisoft
    Cool and very useful share @Umbra! ;)
     
  3. mekelek

    mekelek Level 21

    Feb 24, 2017
    1,012
    4,410
    Hungary
    Windows 10
    Kaspersky
    which other security software would you suggest using with Appguard that compliments it/covers missing features
     
  4. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,708
    11,871
    AppGuard LLC Virginia, U.S.
    #4 Lockdown, Apr 30, 2017
    Last edited: Apr 30, 2017
    Add:
    • Adblocker
    If you are running an older version of Windows or running unpatched vulnerable programs - like obsolete browser or office versions, then add:
    • Anti-exploit
    We recommend using an antivirus and firewall.

    We recommend using at least a file back-up solution.

    Know how to clean install Windows.

    * * * * *

    The base protections on my test systems:
    • AppGuard
    • uBlock Origin
    • Windows Defender
    • Windows Firewall
    • USB flash drive and DropBox for file backups
    This uncomplicated set-up gives high protection. You can ask any long-time AppGuard user if the system ever got seriously infected while AppGuard protections were enabled.
     
  5. Peter2150

    Peter2150 Level 6

    Oct 24, 2015
    281
    814
    Washington DC
    Windows 7
    Emsisoft
    Well I've done a lot of testing of my setup vs live malware. Absolutely nothing has gotten by Appguard. I wouldn't be without it.
     
    Tiny, meltcheesedec, BugCode and 8 others like this.
  6. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,677
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Same here.
     
    Tiny, meltcheesedec, XhenEd and 2 others like this.
  7. _CyberGhosT_

    _CyberGhosT_ Level 52
    Trusted

    Aug 2, 2015
    4,174
    27,493
    Retired
    Central US
    Linux Mint
    Default-Deny
    I voted yes, I have been eyeballing it for some time now as you know Jeff.
    I may jump in the pool soon, if I need any setup or config advise is it ok that I PM you Jeff ?
     
  8. Quassar

    Quassar Level 7

    Feb 10, 2012
    326
    727
    Poland, Bielsko - Biała
    I use AppGuard with SpyShelterFW.... light and strong secuirty....
    ofc isolator are SD and Sandboxie... for test VMware Wokrstation
    some privacy with Adguard and ProtonVPN disk encryped by VeraCrypt and storage pass in KeePass

    scanners with this setup i guess are for fun but stil in use: Zemana with poor Malwarebytes Anti-Malware sometimes avira rescue cd.
     
  9. meltcheesedec

    meltcheesedec Level 1

    Jul 30, 2017
    45
    111
    Israel
    Windows 10
    Microsoft
    @Lockdown, I am a huge fan of your posts, and joined malwaretips in part so I could ask you questions.

    My Meltcheesedec Security Configuration 2017 features not only AppGuard Personal, but (most of the) the "base protection" you outlined in the above post.

    Questions:
    as part of your "base protection", do you:
    - make any configuration changes to default/Out of the Box (OOTB) Windows Firewall settings?
    - use any Windows Filtering Platform (WFP) firewalls (e.g., TinyWall, Windows Firewall Control [WFC])?

    My hope is that you answer "No" to both questions, so that fellow AppGuard users and I can focus our administrative time on AppGuard and not have to worry about endless additional hours spent tracking down ports and protocols to lock down in OS-level firewalls (which I spent years doing).
     
  10. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,677
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    personally:

    1- No, custom made Windows FW ; i removed/disabled several rules, put all profiles on "block" outgoing conections , and then i create rules manually if needed.
    2- Not anymore, but i did use WFC before.
     
  11. meltcheesedec

    meltcheesedec Level 1

    Jul 30, 2017
    45
    111
    Israel
    Windows 10
    Microsoft
    @Umbra , your Windows FW config is essentially the same config I spent so much time building, maintaining and worrying about in TinyWall. My selfish hope was that by instead migrating to a "OOTB Windows Firewall and locked-down AppGuard" implementation, I could avoid spending any time on firewall configuration (and instead use that time configuring AppGuard).
     
  12. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,677
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Appguard wont help against outbound connection. What if you install a FUD weaponized legit application that stealthily call home when it shoudn't? it will install on C , so Appguard won't block it, and then it will call home.
    The situation you hope for is valid, if like me, you take time to deeply check every program you install.

    but even me , i prefer controlling what is going out without relying to a 3rd party controller; even if it is more convenient.
     
Loading...
Similar Threads Forum Date
How to configure AppGuard to be use on a gaming PC? AppGuard (Blue Ridge Networks) Jan 12, 2018
Q&A AppGuard + Spectre/Meltdown General Security Discussions Jan 9, 2018
AppGuard LLC Partners with SheepDog Response AppGuard (Blue Ridge Networks) Jan 2, 2018