Default-Deny Software

[hjlbx]

Currently available default-deny software:

The list includes the most popular, well-known soft products; it might be incomplete

Technically, any HIPS product works on the premise of default-deny; if, upon execution it isn't allowed, then it is blocked - but - except for ReHIPS which uses Windows isolation mechanisms, COMODO for its auto-sandboxing and SpyShelter for its Restricted Apps - HIPS or internet security suites with HIPS are not included

* * * * *

All products can be grouped under the general classification of Application Control

Application Control

• SecureAPlus
• WinAntiRansom

Anti-Executable

• Faronics Anti-Executable
• NoVirusThanks Exe Radar Pro
• Voodooshield

Software Restriction Policy (Includes those that might require the manual writing of rules)

• AppGuard
• AppLocker
• Excubits (Bouncer, Command Line Scanner, FIDES [Pumpernickel], MZ Write Scanner)
• Simple Software Restriction Policy
• Smart Object Blocker

Default-Deny (Other - includes software restriction policy sandboxing, virtual sandboxing, and Windows built-in protection mechanisms)

• COMODO Firewall
• COMODO Internet Security
• Kaspersky Trusted Application Mode

The ones below there will be valid arguments for and against inclusion in the list; black-and-white classification is not always so clear-cut or simple

• ReHIPS
• SpyShelter
• SpyShelter Firewall

 

[_CyberGhosT_]

Laid out nicely
Thanks for that hjlbx !

 

[XhenEd]

Kaspersky's Trusted Applications Mode.
It's not stand-alone, though.

 

[jamescv7]

Very good list, people should carefully manage the setup cause they are powerful especially for possible erroneous operation.

Firewall like Zonealarm and few others have also contains basic default-deny.

 

[Cch123]

Great list, for me I would add Avast Hardened mode and Kaspersky TAM to application control as well.

 

[shmu26]

Great list, for me I would add Avast Hardened mode and Kaspersky TAM to application control as well.

avast hardened mode will monitor .exe files only, not .js and other scripts

 

[Av Gurus]

How about Simple Software-restriction Policy

 

[hjlbx]

How about Simple Software-restriction Policy

Yes, SSRP was on the original list.

 

[yigido]

Kaspersky TAM feature(!) many times trusts the adwares which digitally signed. and

Kaspersky's Trusted Applications Mode.
It's not stand-alone, though.

I second that.

 

[Av Gurus]

Yes, SSRP was on the original list.

I guess I jumped when I read ...
And what about the SRP option?

 

[ZeroDay]

Sorry to bring up an old thread, but I've been testing Simple Software restriction policy and it seems like a very solid piece of software even novice users could use this and it's free.

 

[Deleted member 178]

Yes excellent Apps.

 

[ravi prakash saini]

please have a look at AppSamvid
Cyber Swachhta Kendra: Security Tools

 

[Prayag]

please have a look at AppSamvid
Cyber Swachhta Kendra: Security Tools

cruelsister already made a video reviewing it. Go check that out.Here's the url:

 

[Hector1]

Great list, for me I would add Avast Hardened mode and Kaspersky TAM to application control as well.

Avast Hardened Mode is not default deny!

 

[509322]

why not? it blocks any unknown executable that is not in avast whitelist database... what is that action called?



only bad thing is that nor kaspersky nor avast dont block scripts

Kaspersky Application Control blocks scripts. It depends upon what settings used.

 

[509322]

maybe avast has such an option too?

No.

 

[Hector1]

why not? it blocks any unknown executable that is not in avast whitelist database... what is that action called?



only bad thing is that nor kaspersky nor avast dont block scripts

It's weaker than real default deny solution (and I use Avast and I like it with comodo firewall but comodo itself, voodooshiel or NVT ERP are more and more stronger like default deny).

 

[509322]

It's weaker than real default deny solution (and I use Avast and I like it with comodo firewall but comodo itself, voodooshiel or NVT ERP are more and more stronger like default deny).

You can set COMODO sandbox to block all unrecognized files. With that setting COMODO does exactly the same thing as anti-executable or SRP - including blocking of any scripts.