Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Looking for suggestions for Appguard
Message
<blockquote data-quote="simmerskool" data-source="post: 1017830" data-attributes="member: 61091"><p>I'm not expert enough to respond appropriately. I did see that Cutting_Edgetech (wilders) was (or had been) running both, and he seemed to be a knowledgeable poster. I think that I am not knowledgeable enough to make all optimal tweaks to AGSolo, at least for now, but I am interested in its protection approach. I did run AG without VS for a short period. Meanwhile, VS website says: </p><p></p><p>"LOLBins (Living Off the Land Binaries) have become an increasingly common attack vector in the cybersecurity landscape. Other endpoint protection products typically only protect 5-50 vulnerable process (for example, powershell, cmd, cscript, regsvr32, forfiles, scheduled tasks, bcedit), while CyberLock protects 1,000’s of vulnerable processes system wide, all automatically, all with zero configuration. If a new vulnerable process is discovered, CyberLock automatically updates each endpoint in 4 hours or less." </p><p></p><p>I have seen some discussions about adding LOLBins to AG config, but so far I have not tweaked that section of AG config, it's still default. To the extent that my AG may be missing a "vulnerable" LOLBin, I have the understanding that VS will (or should) provide that protection unless there's a conflict between VS & AG, and Dan says no conflict. So question: why use AG if I'm really relying on VS? I was curious and wanted to "test" AG. And I think I'm learning some in the process. Ditto H_C. You can click H_C's recommended button and be clueless, or you can also read and hopefully understand all the doc material Andy has made available. (ps currently, I am not running H_C). I guess if you are running AG, you are confident that you have it configured correctly. Your confidence may be misplaced but I hope not. In any event, since Dan confirmed <u>no</u> conflict, and I'm seeing zero slowdown running both, I'll carry on for the time being.</p></blockquote><p></p>
[QUOTE="simmerskool, post: 1017830, member: 61091"] I'm not expert enough to respond appropriately. I did see that Cutting_Edgetech (wilders) was (or had been) running both, and he seemed to be a knowledgeable poster. I think that I am not knowledgeable enough to make all optimal tweaks to AGSolo, at least for now, but I am interested in its protection approach. I did run AG without VS for a short period. Meanwhile, VS website says: "LOLBins (Living Off the Land Binaries) have become an increasingly common attack vector in the cybersecurity landscape. Other endpoint protection products typically only protect 5-50 vulnerable process (for example, powershell, cmd, cscript, regsvr32, forfiles, scheduled tasks, bcedit), while CyberLock protects 1,000’s of vulnerable processes system wide, all automatically, all with zero configuration. If a new vulnerable process is discovered, CyberLock automatically updates each endpoint in 4 hours or less." I have seen some discussions about adding LOLBins to AG config, but so far I have not tweaked that section of AG config, it's still default. To the extent that my AG may be missing a "vulnerable" LOLBin, I have the understanding that VS will (or should) provide that protection unless there's a conflict between VS & AG, and Dan says no conflict. So question: why use AG if I'm really relying on VS? I was curious and wanted to "test" AG. And I think I'm learning some in the process. Ditto H_C. You can click H_C's recommended button and be clueless, or you can also read and hopefully understand all the doc material Andy has made available. (ps currently, I am not running H_C). I guess if you are running AG, you are confident that you have it configured correctly. Your confidence may be misplaced but I hope not. In any event, since Dan confirmed [U]no[/U] conflict, and I'm seeing zero slowdown running both, I'll carry on for the time being. [/QUOTE]
Insert quotes…
Verification
Post reply
Top