Serious Discussion Harmony Endpoint by Check Point

Xeno1234

Level 14
Jun 12, 2023
684
The NGAV (also known as static analysis) is developed by Check Point and layered with other engines.
Ok thank you :D

Yes, it is. By default it works on medium aggressivness as opposed to ZoneAlarm where it is not aggressive. Also, it is possible to ask support to enroll you into early availability models for NGAV and behavioural guard.
Is it possible to increase the aggressiveness of NGAV or is it always at Medium Aggressiveness.
 

NormanF

Level 9
Verified
Jan 11, 2018
404
It is possible only through support but I’ve not done it myself. You can also ask to enable experimental models but it must be via support. You can’t do it yourself.

Experimental mode is like beta. You can test new features becoming available. A monthly subscription to an endpoint product saves one the hassle of getting a renewal license every year and you still benefit from updated protection that's being added to the product.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Experimental mode is like beta. You can test new features becoming available. A monthly subscription to an endpoint product saves one the hassle of getting a renewal license every year and you still benefit from updated protection that's being added to the product.
Models, not mode. Models. Detection and protection machine learning models for static analysis, and behavioural guard will become available to you before they hit everyone else. These models are not quality tested (you will be the lab mouse) and may produce false positives. They may improve detection potentially.
 
  • Like
Reactions: simmerskool

NormanF

Level 9
Verified
Jan 11, 2018
404
Models, not mode. Models. Detection and protection machine learning models for static analysis, and behavioural guard will become available to you before they hit everyone else. These models are not quality tested (you will be the lab mouse) and may produce false positives. They may improve detection potentially.
Sorry, I thought you misspoke! Anyway, good point that's how they can figure out what works and what doesn't work in the future. Getting the security algorithm right is important in making a product capable of providing the best endpoint protection against current and emerging malware threats.
 
  • Like
Reactions: Trident

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,630
Try jdownloader 2
İts blocked by harmony.interesting 2 years use it and never problems by this.

Yup

image_2023-07-09_112117071.png
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Isn't this detection the function of conservative business / enterprise config compared to home use AV, ie, not exactly false positives, but rather business conservative
It is business conservative. Poor software like these 2 download managers, apart from being redundant (the browser can already do the download for you) open additional doors for exploits that the authors, judging by their poor websites, won’t really take care of. Just like Comodo with their CVEs. And these components are easy to be exposed to unsanitary content. You are just increasing the attack surface with them.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
All of which quite old, long since patched and non-existent on current builds. Unlike:CPAI-2023-0479 - Check Point Software
This vulnerability is in the Secure Gateway and a fix has been provided in a timely manner.
Unlike here, where there is no fix:

Also, I believe you know Check Point is the vendor with the least number of vulnerabilities amongst the competition.

And they have the quickest response time. You can do you own CVE search as well.

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.
 

Xeno1234

Level 14
Jun 12, 2023
684
In the event that you delete one of the Zero Day Document Folders that Checkpoint Places, will it come back? I know your not supposed to, however I had some empty ones and I wanted to clean up my files.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
In the event that you delete one of the Zero Day Document Folders that Checkpoint Places, will it come back? I know your not supposed to, however I had some empty ones and I wanted to clean up my files.
They will be regenerated after you reboot.
 
  • Like
Reactions: simmerskool
F

ForgottenSeer 100397

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.
"No Comodo fanboys allowed—unless you bring Harmony-worshipping candles and incense!" 😉

@Trident What is it about you that makes every Comodo user a fanboy?
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@Trident What is it about you that makes every Comodo user a fanboy?
You are definitely one. Don't make me count all your posts and calculate in percentage how many of them are Comodo worshipping.

I am very familiar with the Comodo user base and fanboys.
 
Last edited:

Decopi

Level 8
Verified
Oct 29, 2017
361
I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.

To say that... it's like throwing holy water at Dracula 🤣😂
By definition, every fanatic is blindly convicted that his fanaticism will make Comodo perfect, even if the post is about Disneyland.

I suggest you direct Comodo promotions elsewhere.

One of the symptoms of fanboysm is that fanboys cannot deal with any comment about the product they blindly defend, even when the post is not about Comodo.
 

NormanF

Level 9
Verified
Jan 11, 2018
404
This vulnerability is in the Secure Gateway and a fix has been provided in a timely manner.
Unlike here, where there is no fix:

Also, I believe you know Check Point is the vendor with the least number of vulnerabilities amongst the competition.

And they have the quickest response time. You can do you own CVE search as well.

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.


Speaking of patching, what's your opinion of a patch management module on an endpoint security suite?

They will be regenerated after you reboot.

The folders will be there regardless of what you decide you want to keep in them. That's why they're named Zero Day Documents.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top