Battle Combine NVT OSArmor with Malwarebytes Anti-Exploit OR HitmanPro.Alert?

FrFc1908

Level 20
Thread author
Verified
Top Poster
Well-known
Jul 28, 2016
950
Hello all. currently I am using the ( free ) beta version of Mbae. I also make use of Nvt Osarmor. I am fiddeling around with the idea of buying Hmpa. Can you guys give me some honoust opinions on to buy or not to buy hmpa and the pro's and con's please. feedback very much apreciated and big thanks in advance!! ;)
 
D

Deleted member 178

MBAE is more basic than HMPA , less control and features, but surely less prone to issues/incompatibilities.

Honestly i tried both and HMPA is my favorite, but probably oriented to more techie users and has more features (cloud engine, basic keystroke encryption, USB protection, etc...).

If you have nothing better to do with your money, buy it , it is a good soft.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Hello all. currently I am using the ( free ) beta version of Mbae. I also make use of Nvt Osarmor. I am fiddeling around with the idea of buying Hmpa. Can you guys give me some honoust opinions on to buy or not to buy hmpa and the pro's and con's please. feedback very much apreciated and big thanks in advance!! ;)
Can you clarify if this is for Windows 10 with Qihoo 360 Security - as stated on your profile, or another config?

You want to avoid overlapping features with any existing real-time or OS features, as they are often the cause of conflicts.
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
I would opt for MBAE + OSArmor (or OSArmor alone). HMPA was always problematic for me, requiring many tweaks to avoid conflicts with my softwares and OS (ex. it often mangled Alt-Tab on my laptop). For me HMPA was a royal headache. MBAE was always benign,... quietly sitting in the tray. It never once alerted (or maybe it was asleep on the job... who knows).

OSArmor at default settings is quiet. However optional settings can create FPs (you're warned about this). For me, I prefer NVT's RadarPro over OSA.
 

FrFc1908

Level 20
Thread author
Verified
Top Poster
Well-known
Jul 28, 2016
950
Ok thanks everybody for their input and experiences , sure there where incompatebillity issues in the past when I tested the beta , just like @Umbra did. @Spawn it is gonna be with 360 ts. after reading it all I think is is best , to stay with the config I have right now :) ;)
 
D

Deleted member 178

plus Osarmor has antiexploit protection,
False. it is not a real anti-exploit protection, just some mechanism to prevent processes to abuse the listed apps; there is no in-memory protection, so no anti-exploit protection "a la" HMPA/MBAE/Windows Exploit Guard/EMET.

But doesnt OSArmor already cover everything that MBAE does? Or does it fill something thats OSA is missing?
not at all, people don't confound "post-exploit protection" with "anti-exploit protection"

It is not because your car can function under the rain that it can be a submarine...
 

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,041
False. it is not a real anti-exploit protection, just some mechanism to prevent processes to abuse the listed apps; there is no in-memory protection, so no anti-exploit protection "a la" HMPA/MBAE/Windows Exploit Guard/EMET.


not at all, people don't confound "post-exploit protection" with "anti-exploit protection"

It is not because your car can function under the rain that it can be a submarine...
False. it is not a real anti-exploit protection, just some mechanism to prevent processes to abuse the listed apps; there is no in-memory protection, so no anti-exploit protection "a la" HMPA/MBAE/Windows Exploit Guard/EMET.


not at all, people don't confound "post-exploit protection" with "anti-exploit protection"

It is not because your car can function under the rain that it can be a submarine...
Do you consider the settings tab on OSarmor {open configurator} to be a false definition of real anti-exploit protection?
 
D

Deleted member 178

Do you consider the settings tab on OSarmor {open configurator} to be a false definition of real anti-exploit protection?
yep, real anti-exploit are HMPA , MBAE, Windows Exploit Guard (ex-EMET), or some modules in some AV suites.
basically tools that protect the memory space of a process to be modified. .

SurfRight’s real time anti-exploit technology focuses on detecting and preventing the memory manipulations and abuses that allow malicious code to run in the first place. Generic prevention of exploits at this early stage in the attack chain can help thwart malicious code in the processor and memory, before it can do serious damage.
We just made our next-gen endpoint offering even stronger with our acquisition of SurfRight

Using the term "anti-exploit" become trendy , many vendors use the term to add value to their soft.
They are not totally "wrong" because it is indeed protecting the said application to be "exploited" but they don't cover all the exploitation vectors as "real" anti-exploit software and they surely not protect the memory.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
OSA is anti-exploit in the broader sense of the word. But technically, it is post-exploit protection: If an exploit succeeds in compromising your browser, or your PDF reader, etc etc, OSA will make sure it can't get its hands on the tools that these attacks typically use in the second stage -- such as powershell, for instance.

A "true" anti-exploit prevents the program from getting compromised in the first place.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top