Advanced Plus Security Kongo's Computer Security Config 2024

Last updated
Jul 17, 2024
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Hardware security key
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
- Speedport Smart 4
- Firewalla Blue +
Real-time security
Deep Instinct Endpoint Protection
WhitelistCloud
Firewall security
Microsoft Defender Firewall with Advanced Security
About custom security

Hardening tools:
- Firewall Hardening (blocking outbound connections of LOLBins)
- Run by SmartScreen (forces SmartScreen to scan files of choice)

- STOP/DJVU Ransomware Vaccine (immunizes system against this type of ransomware)
- O&O ShutUp10 (recommended settings)
- O&O AppBuster (removed unecessary Windows 11 apps)
- Windows Sandbox



System settings:
- Microsoft Defender running in sandbox (inactive)
- Reputation Based Protections (all modules enabled)
- Smart App Control enabled

- Data Execution Prevention set to AlwaysOn
- Core Isolation: Memory Integrity enabled
-
Kernel-mode Hardware-enforced Stack Protection enabled
- Secure Boot enabled
- Drives encrypted via TPM (BitLocker)
- Windows Update Delivery Optimization disabled
- AutoPlay disabled
- Network Discovery disabled (Public Firewall profile)
- PowerShell --> Constrained Language Mode
- Hide extensions for known file types --> disabled
- Show hidden files --> enabled

- Virtualization enabled (allows Application Sandboxing)
- Custom Exploit Protection Settings for Firefox:
Code:
Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

Thanks to @oldschool for sharing! :)

ㅤㅤㅤHardware Firewall (Firewalla Blue Plus):
- Active Protect (Strict)
- Ad Block (Strict)
- OISD blocklist enabled in Firewalla
- New Device Quarantine (restricted internet access for newly connected devices)

- Geo-IP Filtering (blocking connections from and to Russian + Chinese IPs)
- Unbound DNS enabled for all devices
‎‎‎ㅤ‎ ‎ ‎ ‎
Periodic malware scanners
Norton Power Eraser, X-Sec and AdwCleaner
Malware sample testing
I do participate in malware testing. See details about my testing environment below.
Environment for malware testing
‎‎‎ㅤㅤㅤ
VMware Workstation Player + Mullvad VPN on host machine while connected to the guest network.

Online Malware Analysis Platforms that I use:


- FileScan.iO
- Intenzer Analyze
- Hybrid Analysis
- VirusTotal
- Sophos Intelix
- ANY.RUN
-
Triage
- Kaspersky Threat Intelligence Portal
- Neiki.Dev
- ThreatZone
- UnpacMe


--> Currently I am barely testing
Browser(s) and extensions

Mozilla Firefox v. 132.0.2

Extensions:
- Ghostery
- SafeToOpen

- Bitwarden


Browser privacy and security settings:
- Tracking protection: Strict (enables Total Cookie Protection)
- Enable secure DNS using: Max Protection
- HTTPS-only-mode enabled
- DuckDuckGo set as search engine
- Pocket disabled
- Sending DNT-requests disabled (enabling makes you more identifiable and barely gives any advantage on most sites.)
- Clearing browsing data on exit
- Search suggestions disabled
- Websites overview disabled
- Blocking incoming location, camera and microphone requests
- AutoPlay for audio and video disabled
- Firefox telemetry disabled (also in about:config)
- Blocking pop-ups
- Warn when websites try to install addons enabled
- Protection against fraudulent content and dangerous software enabled



about:config tweaks:
- network.dns.echconfig.enabled =
true
- network.dns.use_https_rr_as_altsvc = true
- fission.autostart = true
- pdfjs.enableScripting =
false
- network.IDN_show_punycode = true
- security.ssl.require_safe_negotiation = true

- geo.enabled = false
- webgl.disabled = true
- network.trr.mode =
3 (NextDNS)

ㅤㅤ
Secure DNS

- NextDNS with DoH + OISD blocklist (Firefox exclusively)
- Unbound DNS (Network-wide)


Desktop VPN
Proton VPN with Secure Core, NetShield and Permanent Kill Switch
Password manager
Bitwarden Premium
Maintenance tools
PatchMyPC, RuckZuck, UpdateHub, HiBit Uninstaller and Windows built in tools for cleaning and optimization
File and Photo backup
backup to external drive when necessary
Subscriptions
    • Google One Standard 200GB
System recovery
Aomei Backupper
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from shady sites
    • Downloading malware samples
Computer specs
GPU: Nvidia Geforce RTX 360 TI
CPU: Intel I5 12600K
RAM: 16 GB DDR4-3200 Crucial
Hard disks: 500 GB Samsung 970 EVO Plus + 1 TB Western Digital Blue
Notable changes
- Updated for year 2024
What I'm looking for?

Looking for minimum feedback.

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
As Deep Instinct probably isn't really an option for most home users, I thought I could share some of my experiences and screenshots of the client and the policies of DI.

Memory usage:

Screenshot 2023-05-06 142455.png

Deep Instinct's memory usage is pretty low and also the CPU usage remains low most of the time. Therefor my PC feels very snappy.

Stability:

Deep Instinct feels really stable. You can choose wether it should be registered in Windows Security Center or not. I personally have it registered. Compared to other AV solutions I didn't have any issues yet. Right after booting up my PC and accessing the security center, I can see that Deep Instinct is enabled and properly registered in the security center. Malwarebytes or G DATA for example either took a much longer time to register or they didn't register at all.
When Deep Instinct finds a threat it immediately quarantines it and gives a notification. And when I say "immediatly" then I really mean immediately.

--> Deep Instinct feels very stable and well matured.

Client:

Screenshot 2023-05-06 143032.png



Threat Notification:

Screenshot 2023-05-06 143305.png


Settings / Policies:

1.
Setting 1.png


2.
Setting 2.png


3.
Setting 3.png


4.
setting 4.png

I personally really enjoy Deep Instinct so far but I will keep you updated if you guys are interested.
 
Last edited:

Momus

Level 2
Verified
Oct 21, 2017
61
How did you get a hold of the company (used your link and wrote them a message asking for two licenses)? I used the contact form on Saturday and still no reply. Anyway, guess I really appreciate reading your experiences and giving Deep Instinct a try.
 

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
How did you get a hold of the company (used your link and wrote them a message asking for two licenses)? I used the contact form on Saturday and still no reply. Anyway, guess I really appreciate reading your experiences and giving Deep Instinct a try.
That's strange. They replied within a few hours. Just wait a little longer. I am sure they will reach out to you soon enough. :)
 
  • Like
Reactions: Nevi and Momus

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
Thanks, I will try and keep patient (not my strength).
Keep me updated if you don't mind. I am interested if you're also satisfied once you received the licenses.
 

Momus

Level 2
Verified
Oct 21, 2017
61
Keep me updated if you don't mind. I am interested if you're also satisfied once you received the licenses.
I will, promised! Guess they are just more interested in selling to companies than dropping individual licenses. But we will see, I will keep you in the loop 😄
 
  • Like
Reactions: Kongo

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
I will, promised! Guess they are just more interested in selling to companies than dropping individual licenses. But we will see, I will keep you in the loop 😄
The reseller I shared actually focuses on individuals too. But Deep Instinct, the company itself doesn't.

Screenshot 2023-05-08 223547.png
 

Momus

Level 2
Verified
Oct 21, 2017
61
The reseller I shared actually focuses on individuals too. But Deep Instinct, the company itself doesn't.

View attachment 275213
True: I read that as well, that’s why I was pretty confident of buying a license from them. Well, let’s see if they come up with a reply. I was not able to find another reseller in the meantime…
 
  • Like
Reactions: Kongo

Momus

Level 2
Verified
Oct 21, 2017
61
True: I read that as well, that’s why I was pretty confident of buying a license from them. Well, let’s see if they come up with a reply. I was not able to find another reseller in the meantime…
Do you still like it, especially comparing the product to the usual suspectives, eg. Gdata, Eset, etc.?
 
  • Like
Reactions: Kongo

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
Do you still like it, especially comparing the product to the usual suspectives, eg. Gdata, Eset, etc.?
I do. It's just so simplistic, snappy and stable. Barely had that experience with any other security product yet. (And I tried probably all of them)
 
  • Like
Reactions: Nevi and oldschool

Momus

Level 2
Verified
Oct 21, 2017
61
I do. It's just so simplistic, snappy and stable. Barely had that experience with any other security product yet. (And I tried probably all of them)
Thats what I thought as well, glad for you! It’s time to try out different solutions, I honestly feel all end consumer products are barely the same and lack innovation.
 

Momus

Level 2
Verified
Oct 21, 2017
61
No answer either since Friday :/
Good news, Gentlemen, as I just received a reply:
........................
Good morning and thank you for the online inquiry regarding the purchase of one license of end point protection. We offer 3 different solutions, which solution are you interested in purchasing? SentinelOne, Cylance or Deep Instinct?

Below are the questions I need answers to in order to build you a quote. Please let me know if you have any questions. Thank you.
  • Company Name:
  • Contact Name:
  • Business address:
  • Phone:
  • Email:
  • Quantity of licenses:
  • Software of interest: (Sentinelone, Cylance or Deep Instinct):
Regards,
Devon Clifford
CyberForce Security | Director of Sales - Central Region
Direct 512.773.8457 | dclifford@cyberforcesecurity.com
Schedule a call with me here | Send files securely here
Preferred Managed Security Service Provider (MSSP) and Value Added Re-Seller (VAR)
...............................
So, I will try buying a licence (or two if required) for private use, let's see...
 

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
Good news, Gentlemen, as I just received a reply:
........................
Good morning and thank you for the online inquiry regarding the purchase of one license of end point protection. We offer 3 different solutions, which solution are you interested in purchasing? SentinelOne, Cylance or Deep Instinct?

Below are the questions I need answers to in order to build you a quote. Please let me know if you have any questions. Thank you.
  • Company Name:
  • Contact Name:
  • Business address:
  • Phone:
  • Email:
  • Quantity of licenses:
  • Software of interest: (Sentinelone, Cylance or Deep Instinct):
Regards,
Devon Clifford
CyberForce Security | Director of Sales - Central Region
Direct 512.773.8457 | dclifford@cyberforcesecurity.com
Schedule a call with me here | Send files securely here
Preferred Managed Security Service Provider (MSSP) and Value Added Re-Seller (VAR)
...............................
So, I will try buying a licence (or two if required) for private use, let's see...
As a company name you can just mention your name.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top