App Review InfoSec Tools - AppGuard Solo

[JoeN]

Content source

https://www.youtube.com/@BretWitt/about

InfoSec Tools - AppGuard Solo

I made this purchase of my own money and I am in no way being sponsored or receiving ANY kickbacks from AppGuard Inc or Blue Planet-works Inc. Today we take 50 samples of malware on a non-networked Win10 VM that has Defender turned off to see how AppGuard fairs. https://www.appguard.us/solo/ **SAMPLES USED** https://docs.google.com/spreadsheets/... Samples thanks to https://bazaar.abuse.ch/browse/ **SAMPLES USED** **NOTES** Per AppGuard's site: Technical Specifications AppGuard is compatible with all recent generations and versions of Windows operating systems (XP, Vista, 7, 8, 8.1, and Windows 10) on various hardware platforms (desktops, laptops, tablets, Surface Pro, embedded systems, ATM’s, Point-of-Sale devices, etc.) with no processor dependency and minimal system resource requirements. It protects popular applications (Microsoft Office, Office 365, PDF readers, Internet Explorer, Chrome, Firefox, etc.) and Virtual Desktop Interface (VDI) platforms, and can be tailored to operate with specific applications as required. OPERATING SYSTEMS Microsoft Windows 7, SP0 and above Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows 10 HARDWARE Minimum 1.80 GHz 1.00 GB of RAM 10 MB Hard Disk free space **NOTES**

InfoSec Tools - AppGuard Solo - Round 2

Continuing the discussion/walkthrough/testing of an endpoint tool I have been keeping my eye on for a few years! That would be the AppGuard software from AppGuard Inc., a subsidiary of Blue Planet-works Inc. I made this purchase of my own money and I am in no way being sponsored or receiving ANY kickbacks from AppGuard Inc or Blue Planet-works Inc. Today we take 15 samples of malware on a networked Win10 VM that has Defender turned off to see how AppGuard fairs. This 15 includes weaponized Word and Excel docs, VBS, and JS files as opposed to the first rounds EXEs. https://www.appguard.us/solo/ **SAMPLES USED** https://docs.google.com/spreadsheets/... Samples thanks to https://bazaar.abuse.ch/browse/ **SAMPLES USED** **NOTES** Per AppGuard's site: Technical Specifications AppGuard is compatible with all recent generations and versions of Windows operating systems (XP, Vista, 7, 8, 8.1, and Windows 10) on various hardware platforms (desktops, laptops, tablets, Surface Pro, embedded systems, ATM’s, Point-of-Sale devices, etc.) with no processor dependency and minimal system resource requirements. It protects popular applications (Microsoft Office, Office 365, PDF readers, Internet Explorer, Chrome, Firefox, etc.) and Virtual Desktop Interface (VDI) platforms, and can be tailored to operate with specific applications as required. OPERATING SYSTEMS Microsoft Windows 7, SP0 and above Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows 10 HARDWARE Minimum 1.80 GHz 1.00 GB of RAM 10 MB Hard Disk free space **NOTES**

 

[simmerskool]

fwiw widers has some recent posts re AG from long time users where they are complaining about errors with current version, 6.7 IIRC -- it seems not always start after reboot... with complaints that support was not responding. My experience from several months ago was that support was replying within 24 hours. I am not currently running AG.

 

[Sandbox Breaker - DFIR]

My question is... does the cost justify the means? I have never agreed with their prices.

 

[Digmor Crusher]

My question is... does the cost justify the means? I have never agreed with their prices.

Its up to you to determine if the cost justifies the means for you. IMO its one of the few programs that will pretty much stop any nasties thrown at it.

 

[Sandbox Breaker - DFIR]

Its up to you to determine if the cost justifies the means for you. IMO its one of the few programs that will pretty much stop any nasties thrown at it.

Isn't it default deny based anyways? I admire the prevention of other process read and write features to prevent injections.

 

[simmerskool]

My question is... does the cost justify the means? I have never agreed with their prices.

I tried it last year, v 6.7.n.n and got for $39 / yr. Used it for about 6 months on win10. I think my experience was similar to @Shadowra's based on his video, blocks almost too much. So setting it up optimally is not exactly straight forward IMO, fwiw. You may be better suited to run it than me, but last time I looked I think it was back at $89 IIRC. I did email support a couple of times and got quick helpful replies, other have complained that support is irregular.

 

[Sandbox Breaker - DFIR]

I'll stick to manually using srp or similar. Still like the app though!

 

[ForgottenSeer 97327]

Agree

I'll stick to manually using srp or similar. Still like the app though!

Agree +1