Default Deny VS traditional AVs
<blockquote data-quote="JM Safe" data-source="post: 758543" data-attributes="member: 35684"><p>Security has evolved and grown in these last years; now there are some products available (also free) which offer default deny protection. But let's discuss: is it better to use a traditional AV with a powerful signature engine, like Bitdefender and Kaspersky, or to use default deny software? There are pros and cons: default deny solutions can also block 0-day/unknown malware samples, but a con could be that if well-written malware manages to bypass the core of the default deny engine, it can infect the PC; for example, malware could also kill the main process of the default deny software before it can block it. Luckily, most security software has strong protection of its processes (if malware tries to kill a process, it doesn't have the privileges because of the critical process property). Traditional AVs, on the other hand, can block malware immediately, for example when the malware is downloaded or dropped, if it is detected by the signature engine. Honestly, with my config I really like and use Kaspersky Free; I would also like to try Comodo Firewall HIPS again (I tried it last time several months ago), but it seems there are still unsolved bugs which compromise the functionality of the product (correct me if I am wrong, but I remember Comodo has a bug which made the user rules forgotten).</p><p>Obviously traditional AVs have also evolved a lot: now almost all software has a heuristic engine to determine what a file does (its behaviour) and decide if it is malicious or safe. What do you think, guys?
:) ;) Let's discuss the future of our config!</p></blockquote>