Serious Discussion Harmony Endpoint by Check Point

likeastar20

Level 9
Verified
Mar 24, 2016
423
Did you remove the scan size limit prior to scanning?
This ?
setting.PNG
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
Hello :)

I made a fight... Harmony vs DeepInstinct.
Since I'm busy this weekend, the video will be out on Monday :)
(you have to give me time to edit the video :p )

Whack them hard man! I'm still deciding which to choose between the 2 of them. Get some ransomware and info stealer samples and see who can take it more. I wonder what would happen to DI if it gets hit by a ransomware?

Maybe your test will be my decision.

:D
 

likeastar20

Level 9
Verified
Mar 24, 2016
423
Whack them hard man! I'm still deciding which to choose between the 2 of them. Get some ransomware and info stealer samples and see who can take it more. I wonder what would happen to DI if it gets hit by a ransomware?

Maybe your test will be my decision.

:D
IMO Harmony is a better prevention software compared to DeepInstinct, but the test done by @Shadowra does not really take into account the emulation aspect of Harmony, so I think they will be even or win for DeepInstinct(is much more likely to occur if the Sophos engine is being used.)
 
Last edited:

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
IMO Harmony is a better prevention software compared to DeepInstinct, but the test done by @Shadowra does not really take into account the emulation aspect of Harmony, so I think they will be even or win for DeepInstinct
Most likely. But on the test I saw it was deployed with Kaspersky engine hence I did not insist on deploying Application Control and others. Kaspersky engine has huge advantage over deep instinct with memory scanning. This can detect a lot of packers and fileless malware. DeepInstinct can be configured not to allow scripts at all but if they are allowed, has nothing to stop them. It will be an interesting test to see.
 

piquiteco

Level 14
Verified
Top Poster
Well-known
Oct 16, 2022
624
@Trident I apologize that I posted some unrelated stuff and ended up going off topic for Harmony Endpoint by Check Point. You are my friend, it is not because you are a friend that I will abuse your kindness. I did the test, but as I said I will post it in another related topic. I don't know your time zone, now go rest when you can, don't stress, take care. Regards!:)
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@Trident I apologize that I posted some unrelated stuff and ended up going off topic for Harmony Endpoint by Check Point. You are my friend, it is not because you are a friend that I will abuse your kindness. I did the test, but as I said I will post it in another related topic. I don't know your time zone, now go rest when you can, don't stress, take care. Regards!:)
It’s ok, the discussion was about malware, I like this topic so no worries there.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
DeepInstinct can be configured not to allow scripts at all but if they are allowed, has nothing to stop them. It will be an interesting test to see.
That's not quite right. DeepInstinct can be configured to block scripts in general, but it also anyalyzes the behaviour of potentially malicious script executions. So yeah, it can't detect malicious scripts with it's static engine, but it can analyze scripts dynamically post-execution.

Screenshot 2023-06-25 114034.png
 
Last edited:

piquiteco

Level 14
Verified
Top Poster
Well-known
Oct 16, 2022
624
Now I understand why @Kongo @Trident like the products DeepInstinct and Harmony Endpoint by Check Point the @Shadowra also seems I saw him commenting in another post that uses trend micro in his service, these products are better, provides more complete reports. The home products are very limited. These would be the endpoints, if I am wrong you correct me?
 

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,631
Now I understand why @Kongo @Trident like the products DeepInstinct and Harmony Endpoint by Check Point the @Shadowra also seems I saw him commenting in another post that uses trend micro in his service, these products are better, provides more complete reports. The home products are very limited. These would be the endpoints, if I am wrong you correct me?

Harmony and DeepInstinct are indeed enterprise versions.
At the company where I used to work, yes, they have Trend Micro ApexOne, which provides protection with rules like Harmony and DI, but it also has an EDR.
 

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,631
Most likely. But on the test I saw it was deployed with Kaspersky engine hence I did not insist on deploying Application Control and others. Kaspersky engine has huge advantage over deep instinct with memory scanning. This can detect a lot of packers and fileless malware. DeepInstinct can be configured not to allow scripts at all but if they are allowed, has nothing to stop them. It will be an interesting test to see.

A little bird tells me that the test may come out sooner than expected :p (I've just finished editing).

Capture d’écran 2023-06-25 122912.png
 

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,631
If I understand it as Bitdefender GravityZone? then Symantec Endpoint is similar to Kaspersky Small Office Security? which I have used in the past in the trial version.

I've never tested GravityZone.
On the other hand, Kaspersky's OfficeSecurity can be compared to SEP, even though it doesn't have an administration console.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top