App Review Faronics Anti-Executable

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Product name
Faronics Anti-Executable
Installation (rating)
5.00 star(s)
User interface (rating)
5.00 star(s)
Accessibility notes
UI is simple because it doesn't have much features.
Performance (rating)
3.00 star(s)
Core Protection (rating)
5.00 star(s)
Additional Protection notes
Protection is 5 stars, Can't find any fault with it.
Positives
    • Minimal setup required
    • Highly configurable
    • Simple and non-intrusive
    • Ransomware protection
    • Strong and reliable protection
    • Detects or blocks in the wild malware
    • Compatible with other anti-virus software
    • Features you can't get elsewhere for free
    • Well designed, clear and easy to use interface
Negatives
    • Can be costly to run
Time spent using product
Overall rating
4.00 star(s)

Victor M

Level 7
Thread author
Verified
Well-known
Oct 3, 2022
342
I have been using Faronics Anti-Executable for a couple of months on my Win 11 box.

It has very few settings. Enabled, Disabled and Maintenance Mode. In order to do Windows Update, you have to wait till all the updates are downloaded and installed, as per Settings > Windows Update, then go into your admin account and set FAE to maintenance mode. Then reboot and let Windows update itself. If you don't set it to maintenance mode, the update will fail. Then after the reboot is complete, go and turn FAE back to enabled. On my i5-4th generation cpu, you have to wait 15 mins for FAE to turn back on to Enabled mode. I think it is checking to see what files are updated.

One thing I was uncertain about is whether exiting maintenance mode will mark malware as whitelisted. But it seems that it still selectively pops up and asks you about each uncommonly accessed exe. So I am probably worrying about nothing.

You can go to Execution Control List tab to view all the whitelisted exe's, dll's vbscripts and powershell scripts. It takes about 5 mins to load up, because the list contains everything in your machine. There you can reverse your decisions to ban a certain app.

You can password protect FAE to protect it's settings. And a standard user account cannot get to the main menu at all. A standard user account also does not have the ability to OK the execution of any pop up items, you can only acknowledge the pop up. And if you delete your admin account, you won't be able get to back into the program.

There is a temporary execution mode, but I am not sure what that does so I never used it.

All in all, it is a decent program, but it is a bit slow on my old machine.
 
Last edited:

Victor M

Level 7
Thread author
Verified
Well-known
Oct 3, 2022
342
Forgot to add what an anti-executable does. FAE keeps a whitelist of all the executables on your PC and only allow well known exe's to run. If you just downloaded a new program_setup.exe, FAE will prompt you whether you really want this to run. As such, any malware or hacker's tool that is not part of the whitelist will not run.

This is suitable for folks that do not install new programs often. Or a corporate machine where all necessary software are preloaded and is part of a hardened baseline configuration.

The catch is, if you download a malware infested setup exe, and then tell FAE is it OK to run it, FAE will oblige. So you must perform due diligence and check the setup for signatures, whether the signature's company name is correct, scan the setup.exe with an AV, let smartscreen OK it. and check the colour of the UAC prompt.

In short, this program is suitable for controlled environments, where all software is pre-screened and verified. And where unknown software is a red flag. If you worry about hackers invading your environment and installing hacking tools, then this is a good protection to have.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
"Core protection feedback: Protection is 5 stars, Can't find any fault with it."

It is a very good anti-exe. It works similarly to AppLocker and can be probably evaded by some fileless methods, for example:
  • shortcut + LOLBin
  • Exploit + LOLBin
  • document + macro or LOLBin
  • *.hta or *.chm scriplet
  • etc.
But, at home such fileless methods are uncommon. (y)
 
F

ForgottenSeer 69673

This program has been around for many years. It was big hit for schools and libraries. What is nice about it is not only do you have an anti exe but also have same function of restoring on reboot, like shadow Defender. This is why I use SD and Appguard
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
I thought 'core protection' means what the program aims to do, not as in all-in-one security solution.
Anyways I cover the fileless angle by also using OSArmor on the same box.

The problem is that application vendors usually overestimate the abilities of products (marketing strategy). We can see on the Faronics website:
Faronics Anti-Executable blocks any unknown threats that can bypass your antivirus solution. It protects you from sophisticated threats like zero-day attacks, mutating malware and advanced persistent threats that necessitate an approach that goes beyond a traditional antivirus solution, by ensuring only approved applications are allowed to run on a computer.

The above citation is mostly true with some exceptions. Most attacks with fileless techniques can finally end with something that can be blocked by Faronics, so it can provide strong protection. Only some truly fileless methods can evade such protection. OSA should cover most of those methods (depending on configuration). (y)
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
I’m looking for some sort of anti-executable that password-protects applications, so you can launch PowerShell from a password prompt, without having to go and toggle protection each time. I’ve found a few paid apps that do this (no freebies yet), and at least one says it cannot be bypassed. Whether or not that claim can be backed up remains to be seen.
 
Last edited:

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
Good security program, just I could do without so many pop ups.
I still have DeepFreeze from the same company.
Once in a CS class in college, there was a unit with DeepFreeze that was somehow crippled, such that changes were being rolled back with each reboot, but there was no UI to toggle protection. We ended up reloading Windows.
 
  • Like
Reactions: [correlate]

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,479
Faronics Anti-Executable is a game-changer! Its robust security features provide unparalleled protection against unauthorized executables, ensuring airtight defense for your system. The intuitive interface and seamless integration make it a must-have for anyone serious about safeguarding their digital environment. Kudos to Faronics for a top-notch security solution.
You should definitely work for their marketing department if you do not already. 👀
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,479
Screenshot 2024-01-19 150137.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top