Hi guys I’ve been doing some research to understand the difference between heuristics & HIPS. From my research they seem similar. The only real difference I can come up with is HIPS generally will nag the user and ask them to make a choice while *I think* heuristics will use use algorithms/machine learning/ect to make the decision. I know some behavior blockers are HIPS based and some are heuristics based. I would think Emsisoft is probably HIPS based (probably a little smarter than that based upon whether to show the user a dialog or not) and Bitdefender seems to be heuristics based (autopilot).
While I could easily accept this answer, it seems incomplete. ESET is known to not have a behavior blocker. According to the following post where people were complaining of the lack of a BB in ESET:
"We don't perform behavior blocking"
There are forum mods that are defending the lack of a behavior blocker because they don’t want dialogs nagging users in an enterprise type of environment and go on to say they do have heuristics. Wouldn’t the heuristics be considered to be behavior blocking? Bitdefender doesn’t generally show dialogs to the user and they are considered to have a true behavior blocker and to make matters even more confusing in Eset allows you to enable/disable HIPS through their interface.
While I could easily accept this answer, it seems incomplete. ESET is known to not have a behavior blocker. According to the following post where people were complaining of the lack of a BB in ESET:
"We don't perform behavior blocking"
There are forum mods that are defending the lack of a behavior blocker because they don’t want dialogs nagging users in an enterprise type of environment and go on to say they do have heuristics. Wouldn’t the heuristics be considered to be behavior blocking? Bitdefender doesn’t generally show dialogs to the user and they are considered to have a true behavior blocker and to make matters even more confusing in Eset allows you to enable/disable HIPS through their interface.