App Review COMODO Internet Security 2025 Premium

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Status
Not open for further replies.
Content created by
Shadowra

rashmi

Level 11
Jan 15, 2024
538
Same old Comodo, all on the sandbox.
The product experience depends on its features, your usage, and your understanding of the product.

For example, I installed this new version of Comodo Firewall. It only contained one program (the only unsigned program) of the eighteen installed programs on the system. The unsigned program is important to me, so I have set its folder to "ignore" in the containment. It'll auto-update with no issues, but Comodo will show the containment alert for over-install (if unrecognized). I have signed and unsigned eleven portable programs. Comodo contained only one program; it found three in the cloud whitelist and the rest in the trusted vendor list. Overall, excellent experience.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Someone pointed to this thread.
Thanks for that.
There are many uneducated people in the world where they think a legacy AV is better security than CIS and its ok to allow an unknown run giving it full access to your computer. Its laughable really. Its like people thinking horses were better transport than Cars when Cars were invented :).
These people play russian roulette with those unknown files! Its crazy!

They don’t understand how “Zero Trust” cybersecurity works
Link: COMODO Internet Security 2025 Premium
 

Decopi

Level 8
Verified
Oct 29, 2017
355
Facts of reality:

1. The current Comodo' version announced as “2025” is nothing more than the old Beta version, which due to lack of dedication was not only frozen for more than a year, but worse, this abandoned Beta was never finished, most of the five years old bugs remain unfixed, and the only thing Comodo has done is just new UI cosmetics.

2. Comodo was never a great company and never had great products. For years, Comodo only had a single tool (sandbox/containment). Comodo' fanatics built a false myth on top of this sandbox/containment, not only making people believe that it was unbeatable (which many times was already proven false), but worse, these fanatics also built the idea that a simple broken sandbox/containment is enough to label a software as "the best and most complete security system". All of this is irresponsibly false and wrong.

3. In the IT security world, no one invents the wheel, and there are good reasons to explain why the best security software never used sandbox/containment. There have been hundreds of security software over past decades, all promising the best "ultimate solution". But none of these software products ever dared to use a simple broken sandbox/containment as an "ultimate solution". Only Comodo' fanatics insist that this broken sandbox/containment is the "ultimate solution".

4. The Comodo' website was always a disaster, but this is not just a coincidence, this is the Comodo' classic pattern behavior, reflected on every Comodo' product: Old, abandoned, useless and full of bugs.

5. Any conclusion of any expert is always published with the identification of the expert, verifying his technical training & experience, and fundamentally verifying the veracity of his tests and statements, describing in detail the necessary information (allowing to universally reproduce same tests and conclusions).

The participants here at MalwareTips are subjective opinion holders, they are not experts (or at least, they never documented their supposed expertise).
Subjective opinions and cute videos with nice music... are not proof of anything.
 
Last edited:

Shadowra

Level 36
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,583
The participants here at MalwareTips are subjective opinion holders, they are not experts (or at least, they never proved their supposed expertise).
Cute videos with nice music are not proof of anything.
Mind you, I don't claim to be an expert, far from it, I'm just passionate about IT and cyber-security, even though I work in IT.

Secondly, I always place antivirus software on an equal footing and in extreme testing. I take time to look for the most recent samples and I also add several old malware to see how reactive the lab is.

Rest assured, I didn't take your message the wrong way, I just wanted to clarify this point :)
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,152
It would be amazing to see actual bypass of Comodo's Containment which is Kernel API Virtualization.

Their transparency pages: Comodo Transparency Page & Xcitium Transparency Page show there haven't been any breaches but if you turn off or turn down features in CIS/CF it doesn't work as intended. Yes, their website is a mess but I can always grab a copy of what I want from the forum until they improve it.

I'm a paranoid user. I'm more bothered that something unknown gets allowed than anything but signatures are very important and with most products these days, the latest is in the cloud so what I like about CIS/CF is that it'll visualize an unknown file, check cloud for signature and and analyze it before allowing it. I also love/appreciation for CyberLock and although overkill I run both together.

People will use what works with them which is why I use Comodo but I also really like the Hard_Configurator approach of hardening the system and using a standard user. Which is the best approach is hard to say, a bit of everything probably. I'm probably just another aforementioned fanboy but have I ever been infected while using it? No.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
It would be amazing to see actual bypass of Comodo's Containment which is Kernel API Virtualization.

Their transparency pages: Comodo Transparency Page & Xcitium Transparency Page show there haven't been any breaches
Comodo/Xcitium missed widespread and prevalent malware samples in AV-Test's business test every time in 2023, there are misses in the previous years also.
In the business test, AV vendors can specify the product's configuration as they see fit prior to testing. So, I certainly expect that Containment was turned on, I think it's on anyway on default on business products equivalent to CruelSister's settings. But it still failed to detect some widespread and prevalent malware samples. Shouldn't that mean, auto-containment failed to protect the system? Its protection was bypassed one way or another. Most products protect against 100% of the malware on these ''widespread and prevalent malware' tests as they are up to 4-weeks old. So long enough for most vendors to have threat intelligence about them.
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,152
Comodo/Xcitium missed widespread and prevalent malware samples in AV-Test's business test every time in 2023, there are misses in the previous years also.
In the business test, AV vendors can specify the product's configuration as they see fit prior to testing. So, I certainly expect that Containment was turned on, I think it's on anyway on default on business products equivalent to CruelSister's settings. But it still failed to detect some widespread and prevalent malware samples. Shouldn't that mean, auto-containment failed to protect the system? Its protection was bypassed one way or another. Most products protect against 100% of the malware on these ''widespread and prevalent malware' tests as they are up to 4-weeks old. So long enough for most vendors to have threat intelligence about them.
Thanks for the information. All the tests were 100% for 0-day detection. Reading their testing procedures Test Modules under Windows - Protection the results for Detection of widespread and prevalent malware is "An on-demand scan occurs via the AV-TEST reference set." so @rashmi is correct. With CIS the localized signature base is a light version installed by default (200mb vs 700mb), it's no wonder the 0.2% weren't picked up but will have been put into virtualization and cloud checked/analyzed. The most important result here is the 0-day test and those missed on the av-test isn't the result of any bypass because the samples weren't executed or downloaded.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
Thanks for the information. All the tests were 100% for 0-day detection. Reading their testing procedures Test Modules under Windows - Protection the results for Detection of widespread and prevalent malware is "An on-demand scan occurs via the AV-TEST reference set." so @rashmi is correct. With CIS the localized signature base is a light version installed by default (200mb vs 700mb), it's no wonder the 0.2% weren't picked up but will have been put into virtualization and cloud checked/analyzed. The most important result here is the 0-day test and those missed on the av-test isn't the result of any bypass because the samples weren't executed or downloaded.
(Also tagging @rashmi), This is not correct. You read point number 2 on that link but missed number 3.
The remaining malware were executed after on-deman scan. Check again,
  1. Whereas the products for home users are installed with default settings, the manufacturer is able to specify the configuration of corporate solutions. The products are updated and have complete Internet access at all times.
  2. An on-demand scan occurs via the AV-TEST reference set.
  3. All files not detected in the on-demand scan are executed on the test system in order to test the dynamic detection.
So, looks like indeed Comodo/Xcitium's protection layers were bypassed. Isn't that so? :unsure:
 

rashmi

Level 11
Jan 15, 2024
538
(Also tagging @rashmi), This is not correct. You read point number 2 on that link but missed number 3.
The remaining malware were executed after on-deman scan. Check again,
I know it because I read the entire page. I'm confused about the detection test definition. It appears to be a test of antivirus features: an on-demand scan followed by executing the remaining samples for dynamic detection. Comodo scored 100% in all the protection tests you shared, which is why the detection test seems to be for antivirus features.
 
  • Like
Reactions: ErzCrz and Shadowra

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
I know it because I read the entire page. I'm confused about the detection test definition. It appears to be a test of antivirus features: an on-demand scan followed by executing the remaining samples for dynamic detection. Comodo scored 100% in all the protection tests you shared, which is why the detection test seems to be for antivirus features.
I don't see anything confusing there. AV vendors on home products are tested on default, for corporate vendors can offer settings modification and then AV-Test performs the test.
In Stage 1, malware are introduced via accessing direct to their URL, similar to AV-Comparative's Real-World test.
In Stage 2, malware collection is already prepared. They are scanned first and then executed, similar to AV-Comparative's Malware Protection test.
The protection settings and components for both tests are identical. In both cases, missed samples are executed. So surely Comodo/Xcitium's antivirus capabilities as well as Auto-Containment were tested. Without the Containment feature, it would've missed plenty more.
I'm neither a Comodo hater, nor a fan. I'm just referring to what I saw which indicates that it's not bulletproof as some people seem to think it is, including their CEO. Maybe someone should ask him about these tests and see if he can provide an explanation.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top