Security has evolved and grew in those last years, now there are avalaible some products (also free) which offer a default deny protection. But let's discuss: is it better to use a traditional AV with a powerful signatures engine, like Bitdefender and Kaspersky, or use a default deny software? There are pros and cons: default deny solutions can block also 0 day/unknown malware samples, but a cons could be if a malware well-written manages to bypass the core of the default deny engine can infect the PC, for example a malware could also kill the main process of the default deny software before it can block it; luckily most of the security software have a strong protection of their processes (if a malware tries to kill a process then it doesn't have privileges because of critical process property). Traditional AVs, on the other hand, can block malware immediately for example when the malware is downloaded or dropped if it is detected by the signature engine. Honestly with my config I really like and use Kaspersky Free; I would like also to try again Comodo Firewall HIPS (I tried it last time several months ago) but it seems there are still unsolved bugs which compromise the functionality of the product (correct me if I am wrong but I remember Comodo has a bug which made the user rules forgotten).
Obviously also traditional AVs have evolved a lot: now almost all software have heuristic engine to determine what a file does (its behaviour) and decide if it is malicious or safe. What do you think guys? let's discuss about the future of our config!
Obviously also traditional AVs have evolved a lot: now almost all software have heuristic engine to determine what a file does (its behaviour) and decide if it is malicious or safe. What do you think guys? let's discuss about the future of our config!