Default-Deny Software

H

hjlbx

Thread author
Currently available default-deny software:

The list includes the most popular, well-known soft products; it might be incomplete

Technically, any HIPS product works on the premise of default-deny; if, upon execution it isn't allowed, then it is blocked - but - except for ReHIPS which uses Windows isolation mechanisms, COMODO for its auto-sandboxing and SpyShelter for its Restricted Apps - HIPS or internet security suites with HIPS are not included

* * * * *

All products can be grouped under the general classification of Application Control

Application Control
  • SecureAPlus
  • WinAntiRansom
Anti-Executable
  • Faronics Anti-Executable
  • NoVirusThanks Exe Radar Pro
  • Voodooshield
Software Restriction Policy (Includes those that might require the manual writing of rules)
  • AppGuard
  • AppLocker
  • Excubits (Bouncer, Command Line Scanner, FIDES [Pumpernickel], MZ Write Scanner)
  • Simple Software Restriction Policy
  • Smart Object Blocker
Default-Deny (Other - includes software restriction policy sandboxing, virtual sandboxing, and Windows built-in protection mechanisms)
  • COMODO Firewall
  • COMODO Internet Security
  • Kaspersky Trusted Application Mode
The ones below there will be valid arguments for and against inclusion in the list; black-and-white classification is not always so clear-cut or simple
  • ReHIPS
  • SpyShelter
  • SpyShelter Firewall
 
Last edited by a moderator:

Hector1

Level 4
Verified
Well-known
Aug 4, 2015
152
why not? it blocks any unknown executable that is not in avast whitelist database... what is that action called?



only bad thing is that nor kaspersky nor avast dont block scripts
It's weaker than real default deny solution (and I use Avast and I like it with comodo firewall but comodo itself, voodooshiel or NVT ERP are more and more stronger like default deny).
 
5

509322

Thread author
It's weaker than real default deny solution (and I use Avast and I like it with comodo firewall but comodo itself, voodooshiel or NVT ERP are more and more stronger like default deny).

You can set COMODO sandbox to block all unrecognized files. With that setting COMODO does exactly the same thing as anti-executable or SRP - including blocking of any scripts.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top