Deleted member 178
Thread author
Jumping into the new year, we’re proud to announce the first significant update in our monthly release cycle that carries the major version “2018”. The main goal for our development team this month was to streamline and improve the user experience of our most important defence wall against new and unknown malware threats: The Behavior Blocker.
When you open the main user interface of Emsisoft Anti-Malware, you’ll notice that we have merged the panel of the Application Rules with that of the Behavior Blocker. This was a logical move as the two are closely related to the same thing: Defining which of the active programs shall be monitored, are trustworthy, or should be prevented from starting up. Instead of manually creating rules for specific program paths, you can now easily double-click one of the active processes to define a new “allow”, “monitor” (default) or “block” rule. The new application list also shows nicely which programs are excluded from monitoring as it integrates the Exclusions list too.
In the same set of improvements we’re launching a new feature to create application rule templates that professional users can now define via the Emsisoft Enterprise Console. In situations where a specific program needs to be excluded from protection across the entire network, or when a specific unwanted program needs to be blocked from running globally, it’s now an easy task to implement that with templates that also support wildcards and environment variables.
About the BB's advanced options discontinuation:
Fabian Wosar (lead dev) said: Those "advanced rules" will not come back. The reason for that is that over the next months we are going to roll out a new generation of our behaviour blocker technology. Unlike the existing behaviour blocker, where we have specific triggers that cause certain alerts to appear, the new system is built on a more holistic model. That means alerts are not triggered by one action happening under a specific combination of circumstances, but by a whole bunch of actions that stretch across multiple areas. As a result a clear mapping between trigger and alert becomes impossible.