I've been praising behavior blockers since I've first met CyberHawk. It was a standalone behavior blocker from several years ago which had absolutely amazing results without using any signatures. It was then acquired by PCTools and re-released as ThreatFire, showcasing similar amazing results. Then Symantec acquired PCTools and everything just disappeared and they kinda merged the tech with today's SONAR which is also based on some other 3rd party behavior blocker acquired by Symantec. And that's how my story started with admiration of behavior blockers. Heuristics were interesting, but they are too easy to bypass where behavior blocker can encounter heavily obfuscated binary and it wouldn't give two farts about it, because it only cares about what that program does to the system. Later, Kaspersky showcased their PDM or Proactive Defense Module which was super effective. And so was BitDefender's Active Virus Control which is now Active Threat Control. Really advanced stuff. The AVG's Identity Protection was also a stand alone 3rd party behavior blocker which got acquired by AVG years ago and incorporated in their antivirus. And over the years, they apparently evolved it very far because it's really effective.
Only Comodo really was a total disappointment. Not only their behavior blocker only works well inside their Auto-Sandbox (it has a quite significant performance hit when used globally) which kinda defeats its purpose and secondly, despite all the time they offer it, it's really not much effective, only blocking few ransomware programs, but allowing all the general malware even though competition detects it consistently.
DrWeb Katana was also a bit of disappointment. I haven't tested it myself, but I've watched videos and from the looks of it, it seems rather dumb behavior blocker, more in line of intelligent HIPS than a good behavior blocker. Which is not necessarily bad, it's just not as precise and convenient tot he user as behavior blockers which are quiet on legit apps, but they detect huge amount of malware. False positives are very rare with behavior blockers.
After huge disappointment from Comodo, I've remembered Kaspersky which had amazing results with their PDM (Proactive Defense Module) years ago. And let me just say Kaspersky hasn't disappointed this time around either. It just shows Kaspersky employs one of the top software and security engineers in this field, scoring 100% protection from malware using nothing but behavior blocker. Granted, it missed few adware samples, but you can't really detect rather harmless adware based on behavior if it's not behaving like a bad program. Program has to actually try to delete your files, encrypt them or try to modify them in order to trigger behavior blockers. This was expected outcome which doesn't really tarnish Kaspersky's final score. It's safe to say Kaspersky just set a new standard for the rest. The new AVG/avast! BETA following second best so far. Really impressive results from Kaspersky!
