App Review COMODO Internet Security 2025 Premium

[Decopi]

Taken today from the Comodo' forum, I attach a video with a test that shows a Comodo' vulnerability (due to the exclusion of the “Downloads” folder from virtualization at settings by default).
It's only one among dozens of many and many other videos confirming Comodo' vulnerabilities.

But they are all videos from non-experts.

The conclusion is that, if there are comments or videos from non-experts, in favor or against Comodo, because they are from non-experts they all represent only subjective opinions, none of them represents proof of anything.
Everyone is free to "believe" in non-experts, whether in favor or against Comodo. But I repeat, subjective comments and tests from non-experts require "faith", they are NOT proof of anything. If someone chooses to "believe" only the positive comments/videos of non-experts, that is called "selectivity", the basis of a false conclusion.

 

[Duotone]

Need assistance with the new Comodo Firewall. Does anyone know how to exclude a python file without turning it off in the script protection?

Thank you!

 

[rashmi]

Need assistance with the new Comodo Firewall. Does anyone know how to exclude a python file without turning it off in the script protection?

Auto-Containment: Click Add. Action - Choose Ignore. Edit - Browse-Files (browse the file). Click OK (all opened windows).
Advanced Protection > Scan Exclusions: Excluded Paths - Click Add-Files (browse the file). Click OK.

 

[vuksha_xc60]

We may well see the return of the combo where you install the Comodo firewall and a free AV such as Kaspersky Free

List of applications incompatible with Kaspersky Internet Security 20

Review the list of applications which may affect the correct work of Kaspersky Internet Security 20.

support.kaspersky.com

 

[vuksha_xc60]

Cool. My favourite combination is CF (CruelSister config) with CL and DefenderUI. CF can do what it does best with firewall and Sandbox, Defender can do what it does as an AV and CL, which I really like, covers anything else

It's basically mandatory for laptops and for people connecting to public WiFi often

 

[Chuck57]

Well, the usual chorus of naysayers here (all non-experts) have convinced me to try CFW, even though I still have almost 6 months left with Kaspersky Plus. If the new firewall equals the old in protection, it'll be great. Antivirus will, I suppose, be Win Defender with Configure Defender by Andy Ful.

*EDIT* Running well and light on an ASUS Vivobook Go 14/15 - definitely not a high end machine. Of course I have Cruelsister settings emp;loyed (even though she's apparently a non-expert according to someone). All in all, so far so good for the first couple of hours.

 

[overdivine]

@ErzCrz,

With all due respect, what you are presenting is just a commercial advertisement.
The article is NOT a test about CIS 2025.
If you are looking for commercial advertisements about Comodo' products, please Google the subject, and you will find dozens against Comodo.

In real life:
1. CIS was and still is an useless piece of garbage. It's not me saying that, it's confirmed by Comodo' market share, which was insignificant decades ago and is still insignificant today (even as a free product).
2. Comodo' bugs are years old and still have not been fixed. Again, it's not me saying that, please visit the Comodo' forum and read the complaints of the participants. The Comodo' forum has a strict censorship policy, not only not allowing criticism, but also deleting ALL participant posts. Even so, participants found ways to post LISTS of bugs.
3. If the Firewall/Containment are disabled, there is a 100% chance of infection.
4. There is no such thing as "unbeatable software". It has already been confirmed, several times, that Containment has bugs and can be bypassed.

in real life, arguments don't work like this

1. irrelevant- check Ferrari market share
2. irrelevant - all software had have and will have bugs
3. irrelevant - if you stop modules of other programs the result will be the same
4. irrelevant - all software can be bypassed

all you are saying is like that Comodo is as good as all the other products out there

PS: i don't use and i will not us Comodo

 

[Victor M]

All you guys should consider a sales career. So many colorful illustrations. So many angles. You will close the sale selling whatever.

 

[Decopi]

1. irrelevant- check Ferrari market share

Wrong. It's not about the quantity. it's about the percentage.
In its market share, Ferrari is one of the leaders, while Comodo in its market share (even free) always was and still is in-existent.
To claim that Comodo is a good security software, while its market share for decades (even free) was and still is negligent, that is "Cognitive Dissonance" (a kind of reality denialism).

2. irrelevant - all software had have and will have bugs

Wrong.
Comodo not just has very old bugs, but worse, Comodo ignores, omits or denies its bugs.
Normal software companies try to fix their bugs, in the worse case they admit they're not going to fix bugs. But it's totally uncommon to have a company (like Comodo) which constantly lies, and treats the public as if they are mentally retarded, launching products with new names and a new UI, when under the hood it is the same old software, with the same unfixed bugs.

3. irrelevant - if you stop modules of other programs the result will be the same

Wrong.
If you have a security software as a "suite of different tools", as a strategy trying to prevent digital threats covering different angles... then each module must have a success probability. And this not happening with Comodo.
At CIS, if you disable Containment, you will have 100% probability of infection.
A serious security software is not based just on one feature (as Comodo is). And if that is the Comodo' case, then as I already mentioned in other posts, Comodo should forget the CIS garbage, and should focus only in the Firewall/Containment.
Non-fanatics know that CIS is garbage, and only its Firewall/Containment have some value.
Unfortunately Comodo pushes the whole useless CIS, as a desperate strategy to keep its brand alive (at any cost). It's an old strategy, never worked, and Comodo keeps losing time, energy and money.

4. irrelevant - all software can be bypassed

Comodo, and specially Comodo' fanatics... all they insists that Comodo is unbeatable.

all you are saying is like that Comodo is as good as all the other products out there

Wrong. All I'm saying is:
a. There are in the market many other security software (free), many times better than Comodo.
b. Comodo' fanatics are wrong, Comodo is not unbeatable, Comodo can be bypassed.
c. I do recognize some value in the Firewall/Containment features. But Comodo needs to put CIS on the trash, and needs to focus only at the Firewall/Containment, not just the UI, but fixing bugs and adding new features to the Firewall/Containment.

 

[rashmi]

Comodo, like other things, is not flawless. However, this thread contains many misleading or distorted facts, irrelevant or inaccurate comparisons, and biased and fixated remarks.

 

[RoboMan]

I think the debate has gotten way off-topic.

Comodo is not flawless. It's not a perfect product. Like none is.

It can be said that CIS may not be suitable in default settings for average users, since it relies more on Viruscope than in the sandbox, and this module is weak compared to the competition.

It should be said also that a well configured auto-containment is very strong for medium to advanced users. It will certainly help more than a traiditional-based antivirus that relies mainly on signatures.

It's also worth noting that despite it can be bypassed, mostly every product can be. And to recieve a targeted malware designed to bypass Comodo, while being a Comodo HOME USER, is really unlikely unless you're a person of interest. And if you're a person of interest, it's mostly about what you do online rather than the product you have installed.

 

[Duotone]

Auto-Containment: Click Add. Action - Choose Ignore. Edit - Browse-Files (browse the file). Click OK (all opened windows).
Advanced Protection > Scan Exclusions: Excluded Paths - Click Add-Files (browse the file). Click OK.

I found the workaround through "Unblock Application". I seem to have issues with my Win10 Desktop, there was no notification with the said file being blocked, but my Win11 laptop had no issue with the notification popping up.

 

[Helmut]

.......fanatics is always pushing garbage to users, exploiting false mantras such as: ......."I never got infected (thus, nobody is going to be infected)".....

I say the same thing! I am not an isolated case. I've been using comodo almost since it came out and I've never had just one computer with the same settings. I had and have computers and laptops with:
Windows 95, 98, XP, Millenium, version 7, 10, and now 11 and never been infected.
I've had games on it, professional activities, banking, tax returns and no virus, Trojan, rootkit or anything else.
What now?

 

[Adrian Ścibor]

Sounds like melih wrote it himself.

You made my day!

 

[Helmut]

But they are all videos from non-experts.
Everyone is free to "believe" in non-experts, whether in favor or against Comodo. But I repeat, subjective comments and tests from non-experts require "faith", they are NOT proof of anything. If someone chooses to "believe" only the positive comments/videos of non-experts, that is called "selectivity", the basis of a false conclusion.

I am not an expert, too, so I can only speak from my own experience. I have never had any malware with comodo for over two decades. I scan with other programs from time to time, currently with Hitman Pro (?), Malwarebytes, AdwCleaner, Kaspersky - none of them found anything. However, I had an expert on hand who advised me to use comodo at the time and helped me with the setup and protection mechanism. This expert is still responsible for security at a large German company today. Comodo takes a different approach
similar to a dialog in a crime thriller that I saw:

M.: “You only ever see the bad in people, there are good ones too!”

S.: “That's why I'm never disappointed.”

The next generation (and not the Old-School-methods) is zero-trust

https://fingerprint.com/blog/zero-trust-cyber-defense/
How Zero Trust Will Lead to the Next Generation of Cyber Defense

Zero trust needs many of all: money, time, staff

 

[Sandbox Breaker]

I've had no issues with Xcitium to be honest. Mind you we use alot of hardening practices and layers and excessive monitoring and threat hunting m

 

[kailyn]

Comodo, like other things, is not flawless. However, this thread contains many misleading or distorted facts, irrelevant or inaccurate comparisons, and biased and fixated remarks.

You mean the non-expert calling comodo "garbage" and its dedicated users "fanatics" and "non-experts"?

Obviously you read @Decopi 's ridiculous arguments. All their frenetic comodo bashing reveals a lot of deep resentments. It is actually a bit disturbing how profoundly comodo and its users bother him. You ever see anybody else triggered every single time there is a post made here about comodo and they just have to do something about it - they have to log in and begin a non-stop unhinged campaign of rage posts full of false analysis and facts?

No matter what they post people are still going to make comodo videos, people are still going to watch them, and people will continue to use CIS\CF until the owner makes it no longer available. CIS\CF is what the owner wants it to be. It is up to the owner to decide their goals & objectives with a product - and not anyone else.

 

[ddave]

Wrong. All I'm saying is:
a. There are in the market many other security software (free), many times better than Comodo.

Can you list those free software?

 

[Decopi]

Can you list those free software?

SHORT ANSWER: Any of the five most popular free software is better than CIS 2025.

LONG ANSWER:

There are different security profiles for different users.

For example, companies have needs for a more restricted security profile (in order to protect the company). Generally, these users are the target of digital attacks, where in most cases the attacker seeks money from the company.

On the other hand, ordinary home users, who represent the majority of the market using free software, they DO NOT need a restricted security profile. This audience in most cases is not even a target for serious digital attacks (generally, they're not attacked by dangerous zero-day attacks).

The participants here at MalwareTips are a point off the curve, because in real life most of them have just a "home user" profile and DO NOT need a restricted security profile. But they are users who approach the topic of security as a hobby, or because they like to test software, or because they suffer from some kind of paranoia etc. And that is why they mistakenly interpret that security software has to be a kind of dumb "deny-all" etc. Such a mistaken perception is not only inconsistent with reality, but is also unfeasible for most modern security profiles.

There is a fourth security profile, which would be "Hackers" or "State Agencies" etc, which is not worth including in my explanation, because they use protocols that are outside of any normal dimension. And also, since the operating systems and hardware themselves, at the factory already contain back-doors or irreparable security breaches, it doesn't even make sense here to talk about free or paid security software.

In this context, CIS 2025 is presented as a package of free security tools, which offers to the public a zero-trust solution at no cost.
The problem is that of all these Comodo' free tools, only one has some value ("Sandbox/Containment"). And if this tool is disabled, then any user profile will have a 100% chance of infection. Therefore, any free software on the market is better than CIS 2025.

But even if "Containment" is enabled, there are also other problems, first because there is no such thing like an "unbeatable software", and second because CIS has accumulated dangerous bugs for the past 5 years. And repeatedly, it was already proven that "Containment" is by-passable.

Unfortunately, Comodo' fanatics have the terrible habit of mental SELECTIVITY, commenting only on cases where "Containment" works, ignoring all the repeated cases where "Containment" did not work, failed and was bypassed.
In the same way, Comodo' fanatics also selectively manipulate security reports, only using results where Comodo did well in the rankings, while omitting and ignoring the vast majority of reports, where Comodo's mediocrity is proven year after year.
Furthermore, when Comodo' fanatics are confronted with real-life cases, the distortion reaches its climax, and users are blamed for everything, always freeing CIS of all responsibility.
All without forgetting the classic "ad-hominem" Comodo' fanatic attacks, where any criticism against Comodo is minimized by fanatics, who intolerantly prevent contradictory debate, and treat criticism with bullying, or disqualifying participants by labeling them as "ignorants" or "haters" or "trolls" or whatever. For Comodo' fanatics there are two types of people: The Comodo' fanatics and the enemy.

Even worse, as I mentioned, the audience that consumes free software is generally home users, and this audience is "plug-and-play", they know nothing, read nothing, and they are not interested in any type of software configuration. Therefore, this public does not have the slightest idea and does not want to deal with programs that are automatically blocked by CIS "Containment" (remembering that most of the programs blocked by CIS in "Containment" do not manage to be virtualized). Both the automatic blocking Containment option, as well as the "ask before Containing" option, is a failed zero-trust approach for home users, because I repeat, users do not want their programs blocked, and users are "happy-clickers" (they don't know what to allow or what to block).
Therefore, same logic, any free software on the market is better than CIS 2025.

It's necessary (once and for all) to put an end to the lies and myths of Comodo' fanatics: Comodo' zero-trust approach is a fallacy, because it's not a security system!
Inside "Containment" there is no identification of what is a "threat" VS what is a "non-harmful program". As already mentioned, most of Comodo' tools are mediocre. Only "Containment" remains with some value, but "Containment" does not use AI, or Behavioral Analysis, or anything. "Containment" does not identify dangerous programs! "Containment" is just a dumb binary blocker, it only differentiates between "known" VS "unknown", if Containment "knows" the software then is allowed, and vice-versa, if Containment "does not know" the program, then is blocked. Nothing more than that! In fact, in the past, a well-known free and widely used program was hacked, and Comodo' "Containment" recognized it as "known", allowed it, the hacked program ran and infected Comodo' users.
In real life dumb binary blockers solely never worked, don't work, and never will work. That's why absolutely no security system (free or paid) ever based its strategy solely on "Containment". Program Virtualization/Containerization is very useful, but only when used as a COMPLEMENT to other intelligent (next-gen) effective security strategies.

Using Comodo while insisting on blocking what is not "known" as a security strategy... is the same as manual hardening of security protocols in the operating system itself. There is no reason to install software, when the same result can be obtained by simply manual customization of settings in the operating system (security hardening). In simple words, just by hardening, for example Windows defender and Windows Firewall, it's possible to achieve exactly same security results. Of course, this dumb strategy will block everything, making normal use impossible, unfeasible for normal users.

In analogy, it's similar to what some software does by allowing/blocking programs. They don't even allow virtualization, they use the "deny all" mechanism, and unauthorized program are not executed.
The difference is that these software never lied like Comodo always lied, they did not present themselves as "unbeatable", and they always were honest in presenting themselves as a kind of mere binary blockers.

The conclusion is that the current "new" CIS 2025, where the "new" only is a different UI, under the hood is the same old software with the same unfixed dangerous old bugs, it DOES NOT serve any user profile, which is why CIS market share has always been, is and will be insignificant. Therefore, any free software on the market is better than CIS 2025.

PS: If Comodo had done things correctly, focusing only on the "Firewall/Containment", fixing bugs, incorporating improvements etc... then an useful software for all user profiles could really be born.

 

[kailyn]

In this context, CIS 2025 is presented as a package of free security tools, which offers to the public a zero-trust solution at no cost.
The problem is that of all these Comodo' free tools, only one has some value ("Sandbox/Containment"). And if this tool is disabled, then any user profile will have a 100% chance of infection. Therefore, any free software on the market is better than CIS 2025.

1. Nobody would use Comodo with virtualized sandboxing disabled.
2. Home users can and do turn off all those security software "better than CIS 2025" and therefore have a 100% chance of infection.

But even if "Containment" is enabled, there are also other problems, first because there is no such thing like an "unbeatable software", and second because CIS has accumulated dangerous bugs for the past 5 years. And repeatedly, it was already proven that "Containment" is by-passable.

Please provide those "accumulated dangerous bugs" and provide evidence that they have ever been exploited or resulted in meaningful or significant harms to any comodo user.

Unfortunately, Comodo' fanatics have the terrible habit of mental SELECTIVITY, commenting only on cases where "Containment" works, ignoring all the repeated cases where "Containment" did not work, failed and was bypassed.

Please provide those "repeated cases where 'Containment' did not work, failed and way bypassed" and caused harms to any comodo user. Provide even POCs that any malicious attacker used the POC to bypass containment.

In the same way, Comodo' fanatics also selectively manipulate security reports, only using results where Comodo did well in the rankings, while omitting and ignoring the vast majority of reports, where Comodo's mediocrity is proven year after year.

Please provide even one of "the vast majority of reports, where Comodo's mediocrity is proven year after year."

Even worse, as I mentioned, the audience that consumes free software is generally home users, and this audience is "plug-and-play", they know nothing, read nothing, and they are not interested in any type of software configuration. Therefore, this public does not have the slightest idea and does not want to deal with programs that are automatically blocked by CIS "Containment" (remembering that most of the programs blocked by CIS in "Containment" do not manage to be virtualized).

Please provide evidence that supports your generalization that "this public does not have the slightest idea and does not want to deal with programs that are automatically blocked by CIS 'Containment'" (remembering that most of the programs blocked by CIS in 'Containment' do not manage to be virtualized)."

Both the automatic blocking Containment option, as well as the "ask before Containing" option, is a failed zero-trust approach for home users, because I repeat, users do not want their programs blocked, and users are "happy-clickers" (they don't know what to allow or what to block).
Therefore, same logic, any free software on the market is better than CIS 2025.

Then why do home users continue to download and use CIS? Why does "any free software on the market is better than CIS 2025" routinely fail to protect home users because they fail to detect, prevent, or correct malware? Why are there countless malware removal requests by those using "any free software on the market [that] is better than CIS 2025" but there has never been a malware removal request made by a CIS user?

It's necessary (once and for all) to put an end to the lies and myths of Comodo' fanatics: Comodo' zero-trust approach is a fallacy, because it's not a security system!

Then why do security products such as Kaspersky and Bitdefender utilize a variant of the "Comodo zero-trust approach" for their banking protections? Why would these "better than CIS 2025" products incorporate a zero-trust mechanism that is a "fallacy" and is not a "security system"?

In real life dumb binary blockers solely never worked, don't work, and never will work. That's why absolutely no security system (free or paid) ever based its strategy solely on "Containment". Program Virtualization/Containerization is very useful, but only when used as a COMPLEMENT to other intelligent (next-gen) effective security strategies.

Then how to you explain the existence and success of Shadow Defender, Sandboxie, BufferZone, Bromium, VMWare's & Oracle's virtualization products? There is also VDI. Why have these "Program Virtualization\Containerization" centric products been so effective at protecting systems? Why do home users continue to use and praise them?

In fact, in the past, a well-known free and widely used program was hacked, and Comodo' "Containment" recognized it as "known", allowed it, the hacked program ran and infected Comodo' users.

That is a single instance and it was fixed within 24 hours of being reported. Please provide additional examples as nobody can make a judgment based upon a single example. Did that case result in any harm of any kind to any comodo user?

Using Comodo while insisting on blocking what is not "known" as a security strategy... is the same as manual hardening of security protocols in the operating system itself. There is no reason to install software, when the same result can be obtained by simply manual customization of settings in the operating system (security hardening). In simple words, just by hardening, for example Windows defender and Windows Firewall, it's possible to achieve exactly same security results. Of course, this dumb strategy will block everything, making normal use impossible, unfeasible for normal users.

While comodo can be configured to behave as 100% default-deny of runtime, can you give a single example of anyone configuring and using it in that capacity? Also why do home users and organizations successfully use the various Windows hardening utilities and scripts and they have no system usability issues?

What about all the false positive blocks of programs by all those "better than CIS 2025" security software that break or cause issues with applications and the operating system?

The difference is that these software never lied like Comodo always lied, they did not present themselves as "unbeatable", and they always were honest in presenting themselves as a kind of mere binary blockers.

Please provide one statement by anyone, anywhere, at any point in time that claims that comodo is "unbeatable."

The conclusion is that the current "new" CIS 2025, where the "new" only is a different UI, under the hood is the same old software with the same unfixed dangerous old bugs, it DOES NOT serve any user profile, which is why CIS market share has always been, is and will be insignificant.

Please supply evidence of your claim that "CIS market share has always been, is and will be insignificant". Do you have reliable statistics that show the number of downloads, installs, active instances, and uninstalls of CIS over the decades?