App Review COMODO Internet Security 2025 Premium

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Status
Not open for further replies.
Content created by
Shadowra
Same old Comodo, all on the sandbox.
The product experience depends on its features, your usage, and your understanding of the product.

For example, I installed this new version of Comodo Firewall. It only contained one program (the only unsigned program) of the eighteen installed programs on the system. The unsigned program is important to me, so I have set its folder to "ignore" in the containment. It'll auto-update with no issues, but Comodo will show the containment alert for over-install (if unrecognized). I have signed and unsigned eleven portable programs. Comodo contained only one program; it found three in the cloud whitelist and the rest in the trusted vendor list. Overall, excellent experience.
 
Hi all, do you think CIS (both AV + FM components installed) and Cyberlock/Voodooshield overkill? Is there any advantage?
 
Hi all, do you think CIS (both AV + FM components installed) and Cyberlock/Voodooshield overkill? Is there any advantage?
I run the two together as I bought CL this year. They run together without issue though it is overkill. Advantage? Mis-configured CIS/CF or human error maybe.
 
Thanks. I like each of them alone. I guess they together are overkill. But I'll try anyway.
Cool. My favourite combination is CF (CruelSister config) with CL and DefenderUI. CF can do what it does best with firewall and Sandbox, Defender can do what it does as an AV and CL, which I really like, covers anything else :D
 
Someone pointed to this thread.
Thanks for that.
There are many uneducated people in the world who think a legacy AV is better security than CIS and it's OK to allow an unknown to run, giving it full access to your computer. It's laughable really. It's like people thinking horses were better transport than cars when cars were invented :).
These people play Russian roulette with those unknown files! It's crazy!

They don’t understand how “Zero Trust” cybersecurity works
Link: COMODO Internet Security 2025 Premium
 
The participants here at MalwareTips are subjective opinion holders, they are not experts (or at least, they never proved their supposed expertise).
Cute videos with nice music are not proof of anything.
Mind you, I don't claim to be an expert, far from it, I'm just passionate about IT and cyber-security, even though I work in IT.

Secondly, I always place antivirus software on an equal footing and in extreme testing. I take time to look for the most recent samples and I also add several old malware to see how reactive the lab is.

Rest assured, I didn't take your message the wrong way, I just wanted to clarify this point :)
 
It would be amazing to see actual bypass of Comodo's Containment which is Kernel API Virtualization.

Their transparency pages: Comodo Transparency Page & Xcitium Transparency Page show there haven't been any breaches but if you turn off or turn down features in CIS/CF it doesn't work as intended. Yes, their website is a mess but I can always grab a copy of what I want from the forum until they improve it.

I'm a paranoid user. I'm more bothered that something unknown gets allowed than anything, but signatures are very important, and with most products these days the latest is in the cloud, so what I like about CIS/CF is that it'll visualize an unknown file, check the cloud for a signature and analyze it before allowing it. I also have love/appreciation for CyberLock, and although it's overkill, I run both together.

People will use what works with them which is why I use Comodo but I also really like the Hard_Configurator approach of hardening the system and using a standard user. Which is the best approach is hard to say, a bit of everything probably. I'm probably just another aforementioned fanboy but have I ever been infected while using it? No.
 
It would be amazing to see actual bypass of Comodo's Containment which is Kernel API Virtualization.

Their transparency pages: Comodo Transparency Page & Xcitium Transparency Page show there haven't been any breaches
Comodo/Xcitium missed widespread and prevalent malware samples in AV-Test's business test every time in 2023, there are misses in the previous years also.
In the business test, AV vendors can specify the product's configuration as they see fit prior to testing. So, I certainly expect that Containment was turned on, I think it's on anyway on default on business products equivalent to CruelSister's settings. But it still failed to detect some widespread and prevalent malware samples. Shouldn't that mean auto-containment failed to protect the system? Its protection was bypassed one way or another. Most products protect against 100% of the malware on these 'widespread and prevalent malware' tests as they are up to 4 weeks old. So long enough for most vendors to have threat intelligence about them.
 
Comodo/Xcitium missed widespread and prevalent malware samples in AV-Test's business test every time in 2023, there are misses in the previous years also.
In the business test, AV vendors can specify the product's configuration as they see fit prior to testing. So, I certainly expect that Containment was turned on, I think it's on anyway on default on business products equivalent to CruelSister's settings. But it still failed to detect some widespread and prevalent malware samples. Shouldn't that mean auto-containment failed to protect the system? Its protection was bypassed one way or another. Most products protect against 100% of the malware on these 'widespread and prevalent malware' tests as they are up to 4 weeks old. So long enough for most vendors to have threat intelligence about them.
Thanks for the information. All the tests were 100% for 0-day detection. Reading their testing procedures Test Modules under Windows - Protection the results for Detection of widespread and prevalent malware is "An on-demand scan occurs via the AV-TEST reference set." so @rashmi is correct. With CIS the localized signature base is a light version installed by default (200mb vs 700mb), it's no wonder the 0.2% weren't picked up but will have been put into virtualization and cloud checked/analyzed. The most important result here is the 0-day test and those missed on the av-test isn't the result of any bypass because the samples weren't executed or downloaded.
 
Thanks for the information. All the tests were 100% for 0-day detection. Reading their testing procedures Test Modules under Windows - Protection the results for Detection of widespread and prevalent malware is "An on-demand scan occurs via the AV-TEST reference set." so @rashmi is correct. With CIS the localized signature base is a light version installed by default (200mb vs 700mb), it's no wonder the 0.2% weren't picked up but will have been put into virtualization and cloud checked/analyzed. The most important result here is the 0-day test and those missed on the av-test isn't the result of any bypass because the samples weren't executed or downloaded.
(Also tagging @rashmi), This is not correct. You read point number 2 on that link but missed number 3.
The remaining malware were executed after the on-demand scan. Check again:
  1. Whereas the products for home users are installed with default settings, the manufacturer is able to specify the configuration of corporate solutions. The products are updated and have complete Internet access at all times.
  2. An on-demand scan occurs via the AV-TEST reference set.
  3. All files not detected in the on-demand scan are executed on the test system in order to test the dynamic detection.
So, looks like indeed Comodo/Xcitium's protection layers were bypassed. Isn't that so? :unsure:
 
(Also tagging @rashmi), This is not correct. You read point number 2 on that link but missed number 3.
The remaining malware were executed after the on-demand scan. Check again:
I know it because I read the entire page. I'm confused about the detection test definition. It appears to be a test of antivirus features: an on-demand scan followed by executing the remaining samples for dynamic detection. Comodo scored 100% in all the protection tests you shared, which is why the detection test seems to be for antivirus features.
 
I know it because I read the entire page. I'm confused about the detection test definition. It appears to be a test of antivirus features: an on-demand scan followed by executing the remaining samples for dynamic detection. Comodo scored 100% in all the protection tests you shared, which is why the detection test seems to be for antivirus features.
I don't see anything confusing there. AV vendors' home products are tested on default; for corporate products, vendors can offer settings modifications, and then AV-Test performs the test.
In Stage 1, malware is introduced by directly accessing its URL, similar to AV-Comparatives' Real-World test.
In Stage 2, the malware collection is already prepared. The samples are scanned first and then executed, similar to AV-Comparatives' Malware Protection test.
The protection settings and components for both tests are identical. In both cases, missed samples are executed. So surely Comodo/Xcitium's antivirus capabilities as well as Auto-Containment were tested. Without the Containment feature, it would've missed plenty more.
I'm neither a Comodo hater, nor a fan. I'm just referring to what I saw which indicates that it's not bulletproof as some people seem to think it is, including their CEO. Maybe someone should ask him about these tests and see if he can provide an explanation.
 
I'm neither a Comodo hater, nor a fan. I'm just referring to what I saw which indicates that it's not bulletproof as some people seem to think it is, including their CEO. Maybe someone should ask him about these tests and see if he can provide an explanation.
Oh no, I don’t think at this point anyone wants to get involved. Melih always had trouble with testing institutions, once the problem is that Comodo is not tested, then the problem is that the testing protocol is not “adjusted” to accommodate Comodo. Similar case with Webroot.

Notice how it’s always some God-forgotten, third-tier solutions that have problems with tests and testing bodies.
I never heard Microsoft complaining when Microsoft Security Essentials was at the bottom of the charts.
I never heard Trend Micro complaining that for years now, TM is at the bottom of the AVC Malware Protection Test.

Comodo and tests is a subject that at this point nobody really wants to open, as nobody cares about Comodo enough either.
Comodo has now run its course and it’s time to move on, regardless of whether they will release version 2025 or 2055.
 