Status
Not open for further replies.
D

Deleted member 2913

Which are the products with good Behavior Blocker & not just a GUI bells & whistles?

if you read the products white papers or blogs, it seems excellent but in practical how good are they?

Like when Avast introduced Deepscreen & all, I quite followed the product. At that time I had a spare system & use to test Avast often but always find their introduced technology not good. Other testers too find it not good. And Avast reply was always like server maintenance, this is not fully introduced, that is there but these & those are not there, when these & those will be there then the improvement in the results will be there, etc...
Still I find Deepscreen not that effective.
I dont know Evo-Gen, etc... is their behavior blocker technology or sign/heur but it does works.

Currently I am running Fsecure AV.
I read the white paper of DeepGuard.
It seems excellent. Like it does File Reputation, Behavior Analysis, File Prevalence, Exploit protection, etc... & if a file passes everything then actively monitored & blocked/quarantined when malicious action is detected or reaches a threshold, etc...
In practical how good it is?
 
Last edited by a moderator:

venustus

Level 50
Verified
Trusted
Content Creator
Which are the product with good Behavior Blocker & not just a GUI bells & whistles?

if you read the products white papers or blogs, it seems excellent but in practical how good are they?

Like when Avast introduced Deepscreen & all, I quite followed the product. At that time I had a spare system & use to test Avast often but always find their introduced technology not good. Other testers too find it not good. And Avast reply was always like server maintenance, this is not fully introduced, that is there but these & those are not there, when these & those will be there then the improvement in the results will be there, etc...
Still I find Deepscreen not that effective.
I dont know Evo-Gen, etc... is their behavior blocker technology or sign/heur but it does works.

Currently I am running Fsecure AV.
I read the white paper of DeepGuard.
It seems excellent. Like it does File Reputation, Behavior analysis, File Prevalence, Exploit protection, etc...
In practical how good it is?
From past experience in using it, I found it to be very good!!
I am now however leaning towards "cloud" AV's like Trend/Norton etc..!:);)
 
H

hjlbx

F-Secure DeepGuard and Emsisoft Behavior Blocker operate essentially the same...

In my experience Emsisoft Internet Security is much better overall; better firewall, better File Reputation database, works well on W8.1 system, good support, easy to use interface, etc.
 
D

Deleted member 2913

From past experience in using it, I found it to be very good!!
I am now however leaning towards "cloud" AV's like Trend/Norton etc..!:);)
Cloud Security option if disabled/unchecked affects/reduces the protection or not?
 

venustus

Level 50
Verified
Trusted
Content Creator
Isn't Cloud Security option just to send anonymous data for unknown malware?

How does disabling it affects protection?
If the signatures miss a file it uses the cloud for unknown files!
Kaspersky with its KSN Eset with live grid etc..
 
D

Deleted member 2913

In common settings there are privacy & connection option.

Attached are the screenshot
Connection option shows Security Cloud connected - Guess this you are talking about like KSN, Eset live grid?
Privacy options shows participate in the security cloud - Guess disabling this will not affect protection?
 

Attachments

jamescv7

Level 85
Verified
Trusted
Behavior Blocker these days like from F-secure and Emsisoft are can manage well based on cloud reputation database in order to achieve easy decision making but likely different when its not connected.

Actually that's the more sufficient in the techniques for security matters as typical users may still confused about suspicious behavior without any basis of reference.

As much as possible just ticked the option for joining cloud service, its better to be safe than sorry.
 
H

hjlbx

Behavior Blocker these days like from F-secure and Emsisoft are can manage well based on cloud reputation database in order to achieve easy decision making but likely different when its not connected.

Actually that's the more sufficient in the techniques for security matters as typical users may still confused about suspicious behavior without any basis of reference.

As much as possible just ticked the option for joining cloud service, its better to be safe than sorry.
jamescv7 makes extremely important point - user will not know what to do if they have little or no experience (basis of reference). That is primary problem with both - more so with HIPS than Behavior Blocker.

I only learned by practicing with actual malware... I can't see any other way to learn how any particular AV works.
 
D

Deleted member 2913

Behavior Blocker these days like from F-secure and Emsisoft are can manage well based on cloud reputation database in order to achieve easy decision making but likely different when its not connected.

Actually that's the more sufficient in the techniques for security matters as typical users may still confused about suspicious behavior without any basis of reference.

As much as possible just ticked the option for joining cloud service, its better to be safe than sorry.
I ticked the option.
 
D

Deleted member 178

best BBs are in order:

1- Emsisoft (mamutu now built-in EAM/EIS)
2- Norton (Sonar)
3- F-secure (deepguard)
4- Threatfire (not developed anymore)
 

Cch123

Level 7
Verified
Adding on the Umbra's list, Trend and GData's behaviour blockers are now one of the best in the market. I particularly like how GData allow you to see what actions has the program taken before the behavior alert triggers so that you can make a more informed decision. For example, a behaviour alert triggers for a program writing an autostart entry. But there are many legitimate reasons for writing autostart entries too. However, if you see that the program has attempted to download from the internet and inject code before writing the entry, it is probably malicious.
 
Status
Not open for further replies.
Top