Battle Internet Security: Comodo 10 VS Kaspersky 2017

LukeNukesEm

Level 5
Thread author
Verified
Sep 14, 2016
204
Now I know there are a ton of kaspersky fanboys here (including myself) but I want to compare the 2 most secure suites (IMO). Kaspersky VS Comodo. I don't really care about signature protection, I'm more for features, behavior blocking, and firewalls. So excluding signature protecton, which would be the most secure? (Note I also have HMPA and VoodooShield, so any features equivalent to those don't matter to me).

EDIT: Forgot to mention, please do not be biased.
 
Last edited:

enaph

Level 28
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
If you already use VS and HMPA I wouldn't go any step further and stay with them as whitelisting is much easier to maintain and more secure than any sandbox or bb.
I don't know if you also really need a FW since built in Windows firewall is more than enough for home use.
But it's your show :rolleyes:
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
once you have voodooshield, you have default/deny already. So COMODO will not really add very much to your protection, unless you are really into tweaking your firewall rules, or you like to play with sandboxed apps.

so in your case, Kaspersky will add more to your protection, because it is very strong in BB.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
One advantage of some of the best protection suites is system protection. Aside from the anti-malware/anti-virus aspect, some of them do a great job looking after sensitive areas of Windows. This is helpful in regards to the performance of the PC long term. I don't know personally, but I imagine Kaspersky will provide excellent system protection. Comodo is bullet-proof against malware if the user follows the advice of prompts, and they are generally very good and apply the correct pressure. Not going to get system protection to speak of, though. HIPs helps with this, but Comodo's HIPs don't compare to the system-wide protection of even 360 Total Security...the only BB I can speak for at this point. Fairly sure Kaspersky will beat this and I think Emsisoft will surely beat this, too.

If you want HIPs, you can add HIPs with ReHIPS or something. Not that Comodo isn't good. Looking under the hood, the program is even a dice clever. I admit this surprised me some. Comodo devs have done a good job of thinking things through in a number of meaningful ways. Beyond this though, Kaspersky gives a different flexibility that might be more valuable if you can only choose one, and if you have money to spend. This is close, and I thought after using Comodo Firewall for a few days that this version might be an alert for companies like Kaspersky. Not that they will lose anyone over Comodo, but what about 2 versions from now, when the settings are all understandable by anyone and linked conveninently.

Kaspersky but Comodo is on the map for home use. Not sure where they are with their enterprise products.
 
5

509322

My bad, ment signatures.

If you remove signatures, then it is close. K has better behavior blocking, whereas C has its autosandboxing based upon file reputation. It has Viruscope too - which is similar to K's System Watcher. I think K's System Watcher is more capable than C's Viruscope.

For behavior blocking to work, you have to execute the file - and hope the behavioral algorithms detect and prevent damage. K also applies restrictions to unknown\low reputation files by assigning them to Low and High Restricted. You can further tighten the policy restrictions manually for those groups. In short, K uses policy sandboxes.

With autosandboxing, the file is executed in a virtual container. In C you can also tighten the restriction policies in the sandbox. So you have both a virtual and policy sandbox.

Oh my... which is more robust ?

Answer: virtual container (sandbox) gives COMODO and edge
 
Last edited by a moderator:

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
If you already use VS and HMPA I wouldn't go any step further and stay with them as whitelisting is much easier to maintain and more secure than any sandbox or bb.
I don't know if you also really need a FW since built in Windows firewall is more than enough for home use.
But it's your show :rolleyes:
CF has a more convenient outbound firewall though but I agree that it wouldn't add much but the number of programs is still one integer more. CF's auto-sandboxing is really good though and I find it more convenient than VoodooShield Free.
 
5

509322

@Lockdown What about behavioral blocking to stop unknown behaviors of trusted programs?

That's the whole concept of trusted programs - over time their default behaviors have proven to be trustworthy. Generally, they aren't monitored. What and how they are monitored varies from product to product.

However, more than a few Windows processes can be abused by malware - hence the terminology "vulnerable processes." Interpreters are a prime example. Emsisoft uses a command line parser as part of their behavior blocker (you'd have to ask Fabian Wosar for the nitty-gritty on it).

Good programs to deal with vulnerable processes are software restriction policies, anti-executables, and HIPS. Using these you can disable, restrict and\or monitor vulnerable processes.

For the high-risk, click-happy user group, processes like powershell, wscript, cscript, RegAsm, etc are a menace and should be disabled, monitored and run with restricted privileges. Actually, if you have no need of vulnerable processes, then they should simply be disabled.

There's a few strategies to deal with it - each involving a certain set of inconveniences. Nothing too annoying. The minor inconvenience is well worth the much increased security.
 
Last edited by a moderator:

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
@Lockdown What about behavioral blocking to stop unknown behaviors of trusted programs?
In addition to @Lockdown's post, if you enable Trusted Applications Mode, Kaspersky creates two folders in the Application Control's Trusted list: Additionally Controlled, and Control created Programs. Based on TAM's documentation, I presume that all programs that are in these folders are monitored. These programs are not allowed to do things outside their designed operations. In this way, TAM acts similar to AppGuard's MemoryGuard. :)
 

LukeNukesEm

Level 5
Thread author
Verified
Sep 14, 2016
204
Kaspersky. No competition. They have a track record in having the best detection rates in the industry. Great exploit prevention.

Comodo is not a security company. Their main business is selling SSL certificates.They only release security software to pimp SSL cert sales.
You must've not read the description haha. I am not looking for signature protection, I am looking for a more secure, complex setup.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top