Hey everyone! I'm Nati, head of Guardio Labs - Guardio's research group. I was very glad to see this thread and your relevant comments and ideas! Will do my best to answer all your questions here:
- Guardio is not an Anti-Virus - That is kind of our motto here. We realize that the most abused attack vector these days is our browser - we do everything with it from work, gaming, shopping, social, emails... and meanwhile get tons of phishing, malvertising, and other scam attempts. This is why we focus our current efforts on a solution that is a browser extension (Chromium-based - Chrome and Edge, no Firefox/Safari at least for now). This is how we can be first to block those attempts - not only bad advertisements (e.g. adblockers) but also phishing links, tech support scams (that start as a phone call/email), bad file downloads, malicious Chrome extensions, browser hijackers... basically stop any malicious activity that is focused or starts in your browser. So, for example, we stop malware before it is even downloaded...
- SmartScreen / Safe Browsing vs. Guardio - Indeed there are built-in solutions, yet those are unfortunately not enough. Our group of analysts and researchers is working hard to find more and more ways to block new scams and malicious activities, way before standard solutions are able to. We've seen many high-volume as well as targeted attacks that for days and even weeks were ignored by those methods. Also, malware loaders being tagged as safe in VirusTotal and other EDRs. Our approach managed to capture those right at the start and of course block those attempts for our users. We share some of those research details and conclusions in our blog, so feel free to visit us and read more about it at: Guardio – Medium
- Downloads Block - we block bad downloads at several checkpoints along the way. Blocking the original serving domains, blocking websites that link or manipulate you to download it, and also blocking the download itself after scanning attributes of the file (before releasing it for the user to execute). We make the max out of what the extension context allows us + using our backend data stream to make real-time decisions.
Hope those answer your questions! Please feel free to ask any other questions, we will be happy to hear your suggestions as well!
Nati,
Guardio Labs - https://labs.guard.io
Guardio - https://www.guard.io