Serious Discussion Is AppGuard better than WDAC and CyberLock ?

[Victor M]

Looking at the AppGuard web site, it seems to do default deny with allowed applications thru behavior? Is this better than WDAC and CyberLock ?

 

[simmerskool]

Looking at the AppGuard web site, it seems to do default deny with allowed applications thru behavior? Is this better than WDAC and CyberLock ?

Shadowra has a video review of AG. some of the config of AG "escapes me" -- when you look at its logs there are so many blocks, I (& perhaps others) found it overwhelming or confusing. This became more obvious when AG updated from v4 into v5 & v6. See also posts at wilders. Having run both AG & VS/CL I prefer CL. I think folks 'argue" over which provides better protection. I have no comment on WDAC.

 

[WhiteMouse]

For me it's a no. I can't compare to Cyberlock because I haven't used it.
1. It requires a subscription every year.
2. It's just whitelist eveything in Program Files (x86), Program Files, Windows folder without checking permission (is it user writeable?). In WDAC, even if you whitelist a folder, if it's a user writeable folder, the rule will be ignore unless policy rule 18 is on.
3. It doesn't have anti admin tampering like WDAC.

 

[[correlate]]

I recommend CyberLock
It is a good choice for protection

 

[ForgottenSeer 97327]

WDAC is the strongest solid one (blocks even the highest integrity rights). Cyberlock is the easiest to use.

AppGuard made sense before Windows10 and before the integration of AI and behavioral monitoring into consumer security. The advantage AppGuard has over Software Restriction Policies that it runs as system process (SRP runs in userland) and is much more granular. It also was one of the first ro offer exploit protection mechanism. I once had a license of Adguard Solo, but I think it is overrated (like OS-Armor is now also). They had a stronghold, but the OS and everyday paid consumer security products closed the gaps they were a solution for.

Worth mentioning two free security products which offer a cloud based whitelist solution
a) Microsoft Defender when run at MAX level (using Configure Defender)
b) Avast Free using hardened mode

When you combine either of the two with Simple Windows Hardening, I can't imagine malware passing those hurdles. Same applies for a bitdfender free with CyberLock combo. I also can't image you ever to get infected. There more roads leading to Rome.

IMO both AppGaurd and OS-Armor are a feel good investment. It feels good to have an additional level of security, but the practical added value in terms of protection is minimal.

 

[Freki123]

For me it's a no. I can't compare to Cyberlock because I haven't used it.
1. It requires a subscription every year.

You can get a lifetime license (100 years) for 90$.

 

[simmerskool]

a) Microsoft Defender when run at MAX level (using Configure Defender)

Does Dan's DefenderUI offer the same max settings as Andy's ConfigureDefender? Or does Andy's go deeper. (I have used both SWH & H_C).

 

[ForgottenSeer 97327]

Does Dan's DefenderUI offer the same max settings as Andy's ConfigureDefender? Or does Andy's go deeper. (I have used both SWH & H_C).

DUI free also offers Defender update settings which ConfigureDefender does not have. DUI-PRO also offers additional protection called dynamic security postures (meaning it blocks anything which landed new on your PC when it is not in the local whitelist or the CyberLock cloud whitelist). IMO when you set MalwareDefender cloud protection to maximum (level 6 = MAX or zero tolerance), it also blocks all unknown executables. So when you use DUI-PRO you might want the cloud level to HIGH or HIGH-plus. DUI-PRO uses a small local whitelist and a small cloud whitelist which is in theory more secure than Microsoft's large cloud whitelist, but might in practice cause more FP;s (warning). On my Desktop DUI-PRO delayed startup of programs a bit.