Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
NoVirusThanks OSArmor
Message
<blockquote data-quote="NoVirusThanks" data-source="post: 702142" data-attributes="member: 68429"><p>Great suggestions and feedbacks guys, much appreciated <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>Have just uploaded another video about OSArmor in action:</p><p><a href="https://www.youtube.com/watch?v=U80bx81grmM" target="_blank">Block MS Office CVE-2017-11-882 Exploit Payload with OSArmor</a></p><p><a href="https://www.youtube.com/watch?v=U80bx81grmM" target="_blank"></a></p><p>[USER=50782]@Windows_Security[/USER]</p><p></p><p>"Basic anti-exploit protection (parent->child process)" monitors MS Office Apps, Chrome, Firefox, IE, Opera, Adobe PDF, Windows Media Player, and some other apps. In future versions we'll add single options like "Monitor MS Office Word", "Monitor MS Office Excel", "Monitor SumatraPDF", etc. Btw, yeah using custom rules (like yours) you can control mostly any application behavior <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p></p><p></p><p>Mainly inexperienced users (pre-checked options), but at the same time also experts and average\curious users (enable\disable options, custom block-rules). The plan is to keep it very simple and minimal, with no prompt dialogs, and write very fine-tuned and smart internal rules lowering the common FPs near to 0.</p><p></p><p>With just a few options enabled, the regular user has already a good protection (i.e basic anti-exploit, USB protection, bcdedit\pif\com block, double file extensions, block suspicious scripts, etc), that will protect popular ways used by malware to be deployed in the system (malspam, docs\pdf, exploit payloads, USB autorun, js\vbs scripts, etc) with low FPs. We can find the right balance between good protection (with default settings) and low FPs.</p><p></p><p>[USER=64677]@l0rdraiden[/USER]</p><p></p><p>We would like to avoid an allow\block dialog, users may find it annoying (but may be very useful for advanced users). We'll try to fix all common FPs and fine-tune the internal rules and see how it performs. So far, OSArmor was released one week ago and with v1.4 test11 we fixed\fine-tuned a lot of FPs already (thanks to all users that tested the program). We will discuss about the possibility to automate exclusions (i.e with a single button), a sort of internal learning mode and about a GUI to create exclusions (thanks everyone for the great suggestions and comments!).</p></blockquote><p></p>
[QUOTE="NoVirusThanks, post: 702142, member: 68429"] Great suggestions and feedbacks guys, much appreciated :) Have just uploaded another video about OSArmor in action: [URL='https://www.youtube.com/watch?v=U80bx81grmM']Block MS Office CVE-2017-11-882 Exploit Payload with OSArmor [/URL] [USER=50782]@Windows_Security[/USER] "Basic anti-exploit protection (parent->child process)" monitors MS Office Apps, Chrome, Firefox, IE, Opera, Adobe PDF, Windows Media Player, and some other apps. In future versions we'll add single options like "Monitor MS Office Word", "Monitor MS Office Excel", "Monitor SumatraPDF", etc. Btw, yeah using custom rules (like yours) you can control mostly any application behavior :) Mainly inexperienced users (pre-checked options), but at the same time also experts and average\curious users (enable\disable options, custom block-rules). The plan is to keep it very simple and minimal, with no prompt dialogs, and write very fine-tuned and smart internal rules lowering the common FPs near to 0. With just a few options enabled, the regular user has already a good protection (i.e basic anti-exploit, USB protection, bcdedit\pif\com block, double file extensions, block suspicious scripts, etc), that will protect popular ways used by malware to be deployed in the system (malspam, docs\pdf, exploit payloads, USB autorun, js\vbs scripts, etc) with low FPs. We can find the right balance between good protection (with default settings) and low FPs. [USER=64677]@l0rdraiden[/USER] We would like to avoid an allow\block dialog, users may find it annoying (but may be very useful for advanced users). We'll try to fix all common FPs and fine-tune the internal rules and see how it performs. So far, OSArmor was released one week ago and with v1.4 test11 we fixed\fine-tuned a lot of FPs already (thanks to all users that tested the program). We will discuss about the possibility to automate exclusions (i.e with a single button), a sort of internal learning mode and about a GUI to create exclusions (thanks everyone for the great suggestions and comments!). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
