Joined
Jun 4, 2017
Messages
158
Operating System
Windows 10
Antivirus
Emsisoft
#1
Hi all,

having Kasperky in place and application control configured so that just special applications are allowed to access my private files (docs, pictures, ...) I am asking my self if there will be a benifit of playing with AppGuard.
I know that there are people here on MT that are big fans of AppGuard, so here is my question:

What can I do with AppGuard that I can't archive using Application Control from KTS?

Thanks and cheers
 

mekelek

Level 28
MH Trial
Verified
Joined
Feb 24, 2017
Messages
1,708
Operating System
Windows 10
Antivirus
Kaspersky
#3
Appguard works differently than Kaspersky's application control, the best i understood it, it's separating the memory region of guarded apps so that they can't do harm outside of that memory region.
Kaspersky blocks access, Appguard puts the apps in one of those white rooms:
 

mekelek

Level 28
MH Trial
Verified
Joined
Feb 24, 2017
Messages
1,708
Operating System
Windows 10
Antivirus
Kaspersky
#5
@Glashouse
Can you write how did you make Kapsersky like you say?What is you changed settings?Can you put here Kaspersky setting pictures?

left side add a new category/file/folder, and then right side have everything Deny access (red X) and only the apps that you want to have access of those files/folders, have green arrow
 

XhenEd

Level 27
Content Creator
Verified
Joined
Mar 1, 2014
Messages
1,674
Operating System
Windows 10
Antivirus
#7
The simplest way for Kaspersky to achieve what AppGuard does is to activate Trusted Applications Mode. TAM acts as a default-deny mode. It also puts predefined installed programs into separate folders in Application Control. What it does is to control what these programs do to the system. Thus, TAM also acts just like AppGuard's MemoryGuard. :)
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,341
#9
@mekelek thanks for adding the settings picture!

@all thanks for your feedback. I would like to try / buy AppGuard but currently the site is not offering it...
Here is new link to purchase AppGuard Personal version:

Blue Ridge Networks Store

I guess they are transitioning to FastSpring, but all the webpages have not been linked yet.
 
Joined
Jun 4, 2017
Messages
158
Operating System
Windows 10
Antivirus
Emsisoft
#13
Thanks @Lockdown , I will give it a try. currently I am very happy with VS, but perhaps for another system AppGuard might be right.
 
Joined
Jul 26, 2015
Messages
68
#14
Got Kaspersky Security Cloud it is similar to KIS 2017 - Configured ProgramControll to Deny everything that is not trusted!

This means if it is not digitally signed and verified it will not work on the PC at all.

My default Rules are all deny with the exception of the trusted ones. Of course you will need to set an App to trusted if you want it to work properly but everything below that will not even execute. :D

Why buy another app if Kaspersky already can do the job. ^^

UPDATE with PICs :p

aKSC.png bKSC.png cKSC.png dKSC.png

Best regards
Val.
 
Last edited:
Joined
Jun 4, 2017
Messages
158
Operating System
Windows 10
Antivirus
Emsisoft
#15
@valvaris sure I am 100% with you but sometimes it is about playing with other things and perhaps @Lockdown or the other experts herecould tell us more about the advantages? perhaps memory protection? I am not sure how KTS handles this.
 
Joined
Jun 4, 2017
Messages
158
Operating System
Windows 10
Antivirus
Emsisoft
#16
Playing with AppGuard it seems that we are not getting friends...
Perhaps I have to get used to it and find out how to archive special goals like limiting writing to special folders to just some apps (example: giving just keepass and resilio sync access to the keepass folder)...
 
Likes: shukla44
Joined
Jul 26, 2015
Messages
68
#17
@valvaris sure I am 100% with you but sometimes it is about playing with other things and perhaps @Lockdown or the other experts herecould tell us more about the advantages? perhaps memory protection? I am not sure how KTS handles this.
As much as I know how KSC / KIS handles this is with Application Control - If the App is not allowed to execute, nothing is in memory or If an App is allowed to execute but does not have rights to modify data KSC / KIS will prevent that and allot more... Ruleset is quite large in KSC / KIS

Same thing goes for Applocker on the Enterprise version of Windows. There are Allow and Deny polices as soon as an app or user/group is not allowed to run the apps it will not execute. Even if an execution is possible the Applocker polices need to allow the user to modify data on a path as well or else the App will leave an error. Depends on how the App is created and if it has dependencies...

Even if it is for experimentation look for functionality - On Kaspersky you need to jingle around a few menus to Allow/Deny an App - On the AppGuard you just need a few clicks. But that AppGuard worth is can Malware disable the protection or manipulate it - can it prevent scripts from executing and so on... There are allot of factors and I think that Kaspersky does a good job with that. :D

Best regards
Val.
 
Likes: spaceoctopus

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,341
#18
Playing with AppGuard it seems that we are not getting friends...
Perhaps I have to get used to it and find out how to archive special goals like limiting writing to special folders to just some apps (example: giving just keepass and resilio sync access to the keepass folder)...
It is recommended that you install AppGuard and use the default Protected mode in the beginning - rather than install it and immediately attempt to craft advanced policies.

Once you learn it, you will see that it is quite easy. It is not the extremely difficult to configure security soft that some make it out to be. If my 92 year old grandmother can use it, then anybody can use it.

If there is something specific that you are attempting to do, then it is recommended that you ask about it before attempting it.

It is not realistic to compare SRP with other security softs on an item-to-item basis because SRP works differently. Comparing SRP to anti-executables or internet security suites is like comparing apples and oranges. All are security softs, all will block, but they are different in how they work. SRP either comes with default policies or completely empty and requires user configuration.

AppGuard comes with default policies that provide high protection whereas similar products such as AppLocker and Group Policy are completely unconfigured by default (and the user must craft the polciies).
 
Last edited:

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
4,341
#19
As much as I know how KSC / KIS handles this is with Application Control - If the App is not allowed to execute, nothing is in memory or If an App is allowed to execute but does not have rights to modify data KSC / KIS will prevent that and allot more... Ruleset is quite large in KSC / KIS

Same thing goes for Applocker on the Enterprise version of Windows. There are Allow and Deny polices as soon as an app or user/group is not allowed to run the apps it will not execute. Even if an execution is possible the Applocker polices need to allow the user to modify data on a path as well or else the App will leave an error. Depends on how the App is created and if it has dependencies...

Even if it is for experimentation look for functionality - On Kaspersky you need to jingle around a few menus to Allow/Deny an App - On the AppGuard you just need a few clicks. But that AppGuard worth is can Malware disable the protection or manipulate it - can it prevent scripts from executing and so on... There are allot of factors and I think that Kaspersky does a good job with that. :D

Best regards
Val.
One issue with just about any security soft that the user can modify a lot of settings or policies, is that it takes time to learn - which is not always an easy process. The hardest part is getting information. @harlan4096 and I have discussed this frequently regarding Kaspersky's policy editor. Even hardcore beta testers like @harlan4096 do not get the infos from development and documentation is almost impossible to find.

Also, see previous post immediately above.
 
Last edited:
Joined
Jul 26, 2015
Messages
68
#20
Nice achievement unlocked: "made you look" @Lockdown :D

Did not noticed that a Dev. from AppGuard is here. I do not want to sound rude and disrespectful but what link is the official one - Looking in German Google can not find anything about AppGuard just get that Andoird AV Scanner stuff???

I do not want to judge an application that I did not test yet :D But it makes me curious on how this functions the other point is cost effectiveness. As much as I know this application costs like 30 isch $ a year?! So the protection has to offer something worth the investment and trust... ;)

Sincerely
Val.

P.s. Software Restriction Policies, AppLocker Policies and embedded solutions on security software are different but primarily they should prevent things from happening all in a different way but still with the same goal. Do not execute if not allowed!

-- A little read on SRP and AppLocker: AppLocker: Frequently Asked Questions

on second note all Security Software out there have a learning curve even AppGuard :p

But to come back on topic my reason of being so harsh is investment and what do i get for it... ;)
 
Last edited:
Likes: spaceoctopus