Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Comodo CIS Bug fix policy
Message
<blockquote data-quote="Trident" data-source="post: 1100349" data-attributes="member: 99014"><p>[USER=79770]@Divine_Barakah[/USER] used signatures as an example of pre-execution protection. In reality, most of it is attributed to short if, then, else logics known as heuristics. Heuristic analysis involves emulating portions of the code in a secure environment, unpacking payloads to the core, looking for specific malware traits.</p><p></p><p>We now have static analysis as well that looks at roughly 3-5k features of various file formats, running these features through decision trees.</p><p></p><p>In reality, very solid bulk of detections nowadays are still generated by signatures, heuristics (dynamic analysis), reputation, third-party feeds, web-filtering and static analysis.</p><p></p><p>Vendors then go further, by implementing post-execution protections that look at connections and behaviour. Whilst some of the implementations are dubious, other vendors excel in these areas.</p><p></p><p>In Comodo, both the pre-execution and post-execution protections are abysmal, you are left just with the alert/prompt.</p><p>This is the reason why others don’t by default bother you with these prompts, because they’ve got other cards up their sleeve.</p></blockquote><p></p>
[QUOTE="Trident, post: 1100349, member: 99014"] [USER=79770]@Divine_Barakah[/USER] used signatures as an example of pre-execution protection. In reality, most of it is attributed to short if, then, else logics known as heuristics. Heuristic analysis involves emulating portions of the code in a secure environment, unpacking payloads to the core, looking for specific malware traits. We now have static analysis as well that looks at roughly 3-5k features of various file formats, running these features through decision trees. In reality, very solid bulk of detections nowadays are still generated by signatures, heuristics (dynamic analysis), reputation, third-party feeds, web-filtering and static analysis. Vendors then go further, by implementing post-execution protections that look at connections and behaviour. Whilst some of the implementations are dubious, other vendors excel in these areas. In Comodo, both the pre-execution and post-execution protections are abysmal, you are left just with the alert/prompt. This is the reason why others don’t by default bother you with these prompts, because they’ve got other cards up their sleeve. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
