Can AppGuard be considered an IDS/IPS?

Status
Not open for further replies.
Hi

Can I know whether AppGuard is good enough to be a proactive IDS/IPS in the protection of the following:

Registry
Files/Folders
Processes
Memory
.....other areas

If not, is any additional software required to cover its shortfalls?

Thanks

AppGuard is not IDS/IPS, it is SRP. The policy and other protections work like this - if it is not allowed, then it is denied (blocked). That is how all SRP works.

Fully Guarded (= untrusted) files are prevented from writing to protected areas of the registry, user-designated Private folders (file vaults), and tampering with other process memory.

The vast majority of malware comes through User Space, so the default policies are optimized to prevent system compromise via User Space. The System Space policies can be crafted and refined as the user sees fit.

SRP typically comes with a minimal configuration that provides high protection (AppGuard) or is completely empty without any default policies (e.g. AppLocker and Group Policy).

SRP is highly adaptable and flexible in protecting against a wide range of malware and attacks.

If you block it by default, then you do not need 18 gizmo layers. A wisely chosen combo of SRP, antivirus and firewall is recommended.
 
From the help file:

The critical OS Components that AppGuard protects are:
- Windows system folder
- Program files folder
- Selected registry keys
- Process memory
- Additional folders can be protected by adding them to the Protected Folders policy.
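
A simplified model of the default-deny logic described in the reply above, checked against the protected areas listed from the help file. This is an added example, not AppGuard's code or policy format; every path, registry key, list and function name below is constructed for illustration.

```python
import ntpath

# Constructed sample policy (not AppGuard's real defaults or format).
SYSTEM_SPACE = [r"C:\Windows", r"C:\Program Files"]
PRIVATE_FOLDERS = [r"D:\Private"]
PROTECTED_KEYS = [r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"]
USER_SPACE_ALLOW = [r"C:\Users\alice\Tools\approved.exe"]
GUARDED = [r"C:\Program Files\Browser\browser.exe"]


def _norm(path):
    # Collapse ".." and case so a crafted path cannot dodge a rule.
    return ntpath.normcase(ntpath.normpath(path))


def _under(path, roots):
    p = _norm(path)
    # Compare on a separator boundary so C:\WindowsEvil is not C:\Windows.
    return any(p == _norm(r) or p.startswith(_norm(r) + "\\") for r in roots)


def may_launch(exe):
    """Default deny: anything not explicitly allowed is blocked."""
    if _under(exe, SYSTEM_SPACE):
        return True
    return _norm(exe) in {_norm(a) for a in USER_SPACE_ALLOW}


def may_write(exe, target):
    """Guarded (untrusted) programs cannot write to protected areas."""
    if _norm(exe) not in {_norm(g) for g in GUARDED}:
        return True
    return not _under(target, SYSTEM_SPACE + PRIVATE_FOLDERS + PROTECTED_KEYS)


def may_access_memory(exe):
    """Guarded programs cannot tamper with other processes' memory."""
    return _norm(exe) not in {_norm(g) for g in GUARDED}


if __name__ == "__main__":
    browser = GUARDED[0]
    for exe in (r"C:\Windows\System32\notepad.exe",
                r"C:\Users\alice\Downloads\invoice.exe",
                r"C:\Windows\..\Users\alice\Downloads\invoice.exe"):
        print("launch", exe, "->", "allow" if may_launch(exe) else "deny")
    for target in (PROTECTED_KEYS[0] + r"\updater", r"C:\Users\alice\report.pdf"):
        print("write ", target, "->", "allow" if may_write(browser, target) else "deny")
```

The model decides from policy alone and never inspects what a file does, which is the difference from an IDS/IPS that the reply points to.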
 
Thanks. Yes, I know AG is an SRP.

Nowadays, few firewalls have built-in IDS/IPS so using AG as an IDS/IPS to complement a simple firewall to protect the areas mentioned would be a good move, right? Of course IDS/IPS uses HIPS/BB but not AG.