Serious Discussion Harmony Endpoint by Check Point

Xeno1234

Level 14
Jun 12, 2023
684
The NGAV (also known as static analysis) is developed by Check Point and layered with other engines.
Ok thank you :D

Yes, it is. By default it works on medium aggressiveness as opposed to ZoneAlarm where it is not aggressive. Also, it is possible to ask support to enroll you into early availability models for NGAV and behavioural guard.
Is it possible to increase the aggressiveness of NGAV or is it always at Medium Aggressiveness?
 

NormanF

Level 9
Verified
Jan 11, 2018
404
It is possible only through support but I’ve not done it myself. You can also ask to enable experimental models but it must be via support. You can’t do it yourself.

Experimental mode is like beta. You can test new features becoming available. A monthly subscription to an endpoint product saves one the hassle of getting a renewal license every year and you still benefit from updated protection that's being added to the product.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Experimental mode is like beta. You can test new features becoming available. A monthly subscription to an endpoint product saves one the hassle of getting a renewal license every year and you still benefit from updated protection that's being added to the product.
Models, not mode. Models. Detection and protection machine learning models for static analysis, and behavioural guard will become available to you before they hit everyone else. These models are not quality tested (you will be the lab mouse) and may produce false positives. They may improve detection potentially.
 

NormanF

Level 9
Verified
Jan 11, 2018
404
Models, not mode. Models. Detection and protection machine learning models for static analysis, and behavioural guard will become available to you before they hit everyone else. These models are not quality tested (you will be the lab mouse) and may produce false positives. They may improve detection potentially.
Sorry, I thought you misspoke! Anyway, good point; that's how they can figure out what works and what doesn't work in the future. Getting the security algorithm right is important in making a product capable of providing the best endpoint protection against current and emerging malware threats.
 

Shadowra

Level 36
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,586
Try JDownloader 2
It's blocked by Harmony. Interesting; I've used it for 2 years and never had problems with this.

Yup

 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Isn't this detection the function of conservative business / enterprise config compared to home use AV, i.e., not exactly false positives, but rather business conservative?
It is business conservative. Poor software like these 2 download managers, apart from being redundant (the browser can already do the download for you) open additional doors for exploits that the authors, judging by their poor websites, won’t really take care of. Just like Comodo with their CVEs. And these components are easy to be exposed to unsanitary content. You are just increasing the attack surface with them.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
All of which quite old, long since patched and non-existent on current builds. Unlike: CPAI-2023-0479 - Check Point Software
This vulnerability is in the Secure Gateway and a fix has been provided in a timely manner.
Unlike here, where there is no fix:

Also, I believe you know Check Point is the vendor with the least number of vulnerabilities amongst the competition.

And they have the quickest response time. You can do your own CVE search as well.

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.
 

Xeno1234

Level 14
Jun 12, 2023
684
In the event that you delete one of the Zero Day Document folders that Check Point places, will it come back? I know you're not supposed to, however I had some empty ones and I wanted to clean up my files.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
In the event that you delete one of the Zero Day Document folders that Check Point places, will it come back? I know you're not supposed to, however I had some empty ones and I wanted to clean up my files.
They will be regenerated after you reboot.
 

ForgottenSeer 100397

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.
"No Comodo fanboys allowed—unless you bring Harmony-worshipping candles and incense!" 😉

@Trident What is it about you that makes every Comodo user a fanboy?
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@Trident What is it about you that makes every Comodo user a fanboy?
You are definitely one. Don't make me count all your posts and calculate in percentage how many of them are Comodo worshipping.

I am very familiar with the Comodo user base and fanboys.
 

Decopi

Level 8
Verified
Oct 29, 2017
361
I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.

To say that... it's like throwing holy water at Dracula 🤣😂
By definition, every fanatic is blindly convicted that his fanaticism will make Comodo perfect, even if the post is about Disneyland.

I suggest you direct Comodo promotions elsewhere.

One of the symptoms of fanboyism is that fanboys cannot deal with any comment about the product they blindly defend, even when the post is not about Comodo.
 

NormanF

Level 9
Verified
Jan 11, 2018
404
This vulnerability is in the Secure Gateway and a fix has been provided in a timely manner.
Unlike here, where there is no fix:

Also, I believe you know Check Point is the vendor with the least number of vulnerabilities amongst the competition.

And they have the quickest response time. You can do your own CVE search as well.

I also want to make it clear that your Comodo fanboyism will not make it on any of my threads. Remember that.
I suggest you direct Comodo promotions elsewhere.


Speaking of patching, what's your opinion of a patch management module on an endpoint security suite?

They will be regenerated after you reboot.

The folders will be there regardless of what you decide you want to keep in them. That's why they're named Zero Day Documents.
 
