AppGuard use and PCI Compliance

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Oct 11, 2017
3
7
Operating System
Windows 7
Installed Antivirus
AVG
#1
Hi,

I am new to AppGuard and referred various materials for information. I want to know if AppGuard alone could be useful for prevention from Malicious attacks?

Also, if at all you have any idea, could you tell me which PCI DSS requirement AppGuard will satisfy? I am assuming it would be Requirement 5 and Requirement 9.9. Please correct me if any new information is there.

Regards
J
 
Last edited:

XhenEd

Level 27
Content Creator
Verified
Mar 1, 2014
1,635
8,533
Operating System
Windows 10
Installed Antivirus
Default-Deny
#2
I want to know if AppGuard alone could be useful for prevention from Malicious attacks?
Yes, if you know how it works and how to add/adjust things accordingly. :)

But even BRN or the Blue Planet-works recommend an anti-virus and firewall to be used along with AppGuard for the user's overall safety. AppGuard won't tell you that an application is malicious, you know. :)

It just blocks, awesomely. :)
 

shmu26

Level 57
Jul 3, 2015
4,670
14,861
Operating System
Windows 10
Installed Antivirus
Default-Deny
#3
It looks like you are on Windows 7, you are using AVG for your antivirus, and you assumedly have windows firewall enabled. All that plus AppGuard is plenty of protection.

Like @XhenEd already mentioned, Appguard will not tell you if a certain program you want to install is malicious or not, and while you install it, you will have to lower Appguard protection in order for the installation to succeed. So your antivirus is needed in case the installation file has malware in it. It goes without saying that users should be careful about what they install, but it still is nice to have that AV safety-net, just in case.
 
Oct 11, 2017
3
7
Operating System
Windows 7
Installed Antivirus
AVG
#4
Yes, if you know how it works and how to add/adjust things accordingly. :)

But even BRN or the Blue Planet-works recommend an anti-virus and firewall to be used along with AppGuard for the user's overall safety. AppGuard won't tell you that an application is malicious, you know. :)

It just blocks, awesomely. :)
Thank you for the reply. :) I understand the reason you gave about need of Antivirus or firewall. But is that the only reason why I should spend money for two security solutions (any other antivirus software + AppGuard)? It's difficult for me to grasp the cost benefit analysis with this. Is it possible for you to provide more reasons to have such a hybrid solution?
 

XhenEd

Level 27
Content Creator
Verified
Mar 1, 2014
1,635
8,533
Operating System
Windows 10
Installed Antivirus
Default-Deny
#5
Thank you for the reply. :) I understand the reason you gave about need of Antivirus or firewall. But is that the only reason why I should spend money for two security solutions (any other antivirus software + AppGuard)? It's difficult for me to grasp the cost benefit analysis with this. Is it possible for you to provide more reasons to have such a hybrid solution?
For me, yes, that's the main reason (I can't think of any other reason right now). You need an AV to help you verify whether what you're installing/running is malicious or not. Since AppGuard doesn't do this, you would rely on the AV. Your antivirus basically is for monitoring, while AppGuard provides you with default-deny protection. :)

Once you allow something to be run or installed (meaning AppGuard protection is lowered), AppGuard won't interfere, and thus you might get infected unless you have an AV that would catch the threat. :)

You don't need to spend money on an AV. Windows' built-in security or your current AV may be enough for you. :)
 
Last edited:
Oct 11, 2017
3
7
Operating System
Windows 7
Installed Antivirus
AVG
#6
For me, yes, that's the main reason (I can't think of any other reason right now). You need an AV to help you verify whether what you're installing/running is malicious or not. Since AppGuard doesn't do this, you would rely on the AV. Your antivirus basically is for monitoring, while AppGuard provides you with default-deny protection. :)

Once you allow something to be run or installed (meaning AppGuard protection is lowered), AppGuard won't interfere, and thus you might get totally infected unless you have an AV that would probably catch the threat. :)

You don't actually need to spend money on an AV. Windows Defender or your current AV may be enough for you. :)
Thanks @XhenEd for the answer. I understand the reasons now.

Regarding spending money, I was thinking from a customer perspective as If I offer them two solutions together, it's difficult to convince them with only 1 or 2 reasons. I believe AppGuard should workout a combined solution (Antivirus and AppGuard) though its difficult to concentrate on multiple things, but again partnerships won't hurt either.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,630
#8
I believe AppGuard should workout a combined solution (Antivirus and AppGuard) though its difficult to concentrate on multiple things, but again partnerships won't hurt either.
I understand the reasoning, but this isn't going to happen.

Combining an SRP with antivirus into a single product makes no sense.

It's gimmicky and unnecessary.
 

shmu26

Level 57
Jul 3, 2015
4,670
14,861
Operating System
Windows 10
Installed Antivirus
Default-Deny
#11
A free AV is perfectly sufficient for use with Appguard, and, as mentioned before, Windows Defender (I think it is called Security Essentials, for Windows 7) does the job just fine, and is probably the best choice, because it is generally conflict-free.
 

shmu26

Level 57
Jul 3, 2015
4,670
14,861
Operating System
Windows 10
Installed Antivirus
Default-Deny
#12
Thank you for the reply. :) I understand the reason you gave about need of Antivirus or firewall. But is that the only reason why I should spend money for two security solutions (any other antivirus software + AppGuard)? It's difficult for me to grasp the cost benefit analysis with this. Is it possible for you to provide more reasons to have such a hybrid solution?
Another advantage to a AV program is to identify previously unknown malware, such as the recent CCleaner backdoor. When the malware became publicly known, the AVs started recognizing it.
Many AVs also have a certain amount of behavior blocking capability, but the added advantage of having such protection will be marginal and unreliable.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,630
#13
As a general rule under typical computing conditions, the average AppGuard home user has sufficient knowledge to know how to source safe programs and avoid sketchy ones. Also, they are not prolific, negligent, compulsive downloader-installers of programs willy-nilly.

A layered defense makes the system's security insurance policy provide greater coverage. That insurance policy does not provide perfect coverage.

All of these discussions are academic as you do not see regular security forum members posting that security soft XYZ failed them in either trivial or advanced security matters. Such posts are rare.