Advice Request How does hardened ESET compare to other AVs?


ForgottenSeer 72227

Anti-exploit is mainly for 0-day mitigation and sufficiently orthogonal to the other components. Everything you’ve said about updates, more layers is true, but this doesn’t change that anti-exploit is excellent mitigation in its own right.

Oh, don't get me wrong, I am in no way against someone using an anti-exploit program; I understand it can be very useful. My post was mostly to highlight the fact that I don't believe Eset's anti-exploit feature has been thoroughly tested, so I don't think we know for sure how it performs. The same can be said for most products that have anti-exploit capabilities, as it's very difficult to test anti-exploit programs/features. Knowing Eset, it's probably very capable, but like every other product it won't be bulletproof, hence my reasoning about keeping everything up to date.

As I've said, there's more to Eset than one particular feature; they are all meant to complement one another. You have to look at the product as a whole, not just one aspect of it, and the same can be said for every other program out there. :)
 

Wraith

How good is the anti-exploit? E.g. Exploit Guard is quite thorough, I haven’t compared it to HMPA to see if it covers everything but it’s thorough. How good is the ESET anti-exploit? E.g. with Exploit Guard when making browser profiles I’ve pretty much enabled all anti-exploit mechanisms but two, is ESET as thorough?
HMPA is a specialised anti-exploit tool. You can't compare it with any suite like ESET or Kaspersky, both of which have anti-exploit capabilities. However, their procedure is a bit different. Mostly they block the exploit payload. But believe me, if you keep your OS and software patched it's hard to get exploited. Most 0-day exploits target the corporate environment. And once again I repeat: ESET HIPS configured properly can block exploits.
 

Wraith

Thanks for this, it’s for a friend, I’m quite happy with WD and GPO hardening, but the above sounds quite good. Does it block autorun as well for USB?
Autorun can be blocked within Windows. You can also add SysHardener and OSArmor with ESET to make it bulletproof. ESET device control will block total access to the device, not just the autorun. Here are some screenshots of the HIPS with the anti-executable rule and the Device control.
 
