What is the best anti EXE

  • Total voters
    39

Cortex

Level 21
Verified
I bought VoodooShield three months ago or so, due to an issue they had I ended up uninstalling & reinstalling, anyway I was blocked, I contacted the developer who said I will give you a couple more seats (not really) Not my fault - Well if you ever image back I did once I was again blocked - The annoying thing was the issue was caused by themselves with a bad update, not used it since, might contact the developer, who can’t seem to see what PCs it's been installed on. Just want the original seat?
They must implement HID-based activation :/ It's easy to do
 

Slyguy

Level 43
Not expensive for SEPC, which is Symantec's SaaS offering. Light as a feather.

Endpoint Protection Cloud | Symantec

AV-TEST – The Independent IT-Security Institute

SEPC is their premier offering, check the whitepaper.
https://www.symantec.com/content/dam/symantec/docs/data-sheets/endpoint-protection-cloud-en.pdf

Advanced Machine Learning
Behavior Monitoring
Memory Exploit Mitigation
Emulator
Firewall and Intrusion Prevention
File Reputation
Antivirus
Device Control

A powerful combination of detection technologies stop
advanced threats and rapidly-mutating malware regardless
of how they attack your endpoint – all in a high-performance,
lightweight agent.

• Advanced machine learning blocks new and emerging
threats using trillions of samples of good and bad files
in the Symantec Global Intelligence Network to power
machine-learning results.

• Behavior monitoring determines file risk by monitoring
nearly 1,400 file behaviors while they execute in real time
to block malicious files.

• Memory exploit mitigation neutralizes zero-day exploits in
popular software that has not been patched by the vendor
using signatureless technology that works regardless of flaw,
bug, or vulnerability.

• High-speed emulation technology detects malware hidden
by polymorphic custom packers. A static data scanner runs
each file in milliseconds, in a lightweight virtual machine to
force threats to reveal themselves, improving both detection
rates and performance.
 

Dhruv2193

Level 9
Verified
@NortoN users: what is Sonar, and why does it make default/deny software unnecessary?
Sonar function-
SONAR is real-time protection that detects potentially malicious applications when they run. It provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.
Source - Turn SONAR Protection off or on
 

Andy Ful

Level 60
Verified
Trusted
Content Creator
SONAR 4 = Advanced Heuristics + Behavior Blocker (based on behavioral profiles). It has an interesting feature: Non Process Threats (NPTs), that helps to protect against code injections.
"SONAR does not make detections on application type, but on how a process behaves. SONAR acts on an application only if that application behaves maliciously, regardless of its type. For example, if a Trojan horse or keylogger does not act maliciously, SONAR does not detect it."
About SONAR
 

shmu26

Level 85
Verified
Trusted
Content Creator
SONAR 4 = Advanced Heuristics + Behavior Blocker (based on behavioral profiles). It has an interesting feature: Non Process Threats (NPTs), that helps to protect against code injections.
"SONAR does not make detections on application type, but on how a process behaves. SONAR acts on an application only if that application behaves maliciously, regardless of its type. For example, if a Trojan horse or keylogger does not act maliciously, SONAR does not detect it."
About SONAR
Thanks.
So I don't think it replaces default/deny software. It is behavior based, so it is very likely to fail when a new type of malware behavior takes place.
 

ZeroDay

Level 28
Verified
Malware Tester
Not expensive for SEPC, which is Symantec's SaaS offering. Light as a feather.

Endpoint Protection Cloud | Symantec

AV-TEST – The Independent IT-Security Institute

SEPC is their premier offering, check the whitepaper.
https://www.symantec.com/content/dam/symantec/docs/data-sheets/endpoint-protection-cloud-en.pdf

Advanced Machine Learning
Behavior Monitoring
Memory Exploit Mitigation
Emulator
Firewall and Intrusion Prevention
File Reputation
Antivirus
Device Control

A powerful combination of detection technologies stop
advanced threats and rapidly-mutating malware regardless
of how they attack your endpoint – all in a high-performance,
lightweight agent.

• Advanced machine learning blocks new and emerging
threats using trillions of samples of good and bad files
in the Symantec Global Intelligence Network to power
machine-learning results.

• Behavior monitoring determines file risk by monitoring
nearly 1,400 file behaviors while they execute in real time
to block malicious files.

• Memory exploit mitigation neutralizes zero-day exploits in
popular software that has not been patched by the vendor
using signatureless technology that works regardless of flaw,
bug, or vulnerability.

• High-speed emulation technology detects malware hidden
by polymorphic custom packers. A static data scanner runs
each file in milliseconds, in a lightweight virtual machine to
force threats to reveal themselves, improving both detection
rates and performance.
Even Avast did well in this test, MS did well too:

AV-TEST – The Independent IT-Security Institute
 

RoboMan

Level 30
Verified
Content Creator
Malware Tester
I'm going to have to disagree here, Norton isn't in Kaspersky's league. KIS has a better bb, Application control, TAM. It's better than Norton on its worst day. Back to OP: SRP = Software Restriction Policies. An IT engineer with a lot of experience should definitely know that. My 11-year-old son knows that.
SONAR has behaved amazingly against Kaspersky Behaviour Blocker and I might say its AI even behaved better. Still, Kaspersky has some amazing extra modules like you mentioned, TAM; Application Control; which complement their BB in a way Norton cannot reach. This is why, I think, Kaspersky offers a more solid product for end-users :=)
 

ZeroDay

Level 28
Verified
Malware Tester
SONAR has behaved amazingly against Kaspersky Behaviour Blocker and I might say its AI even behaved better. Still, Kaspersky has some amazing extra modules like you mentioned, TAM; Application Control; which complement their BB in a way Norton cannot reach. This is why, I think, Kaspersky offers a more solid product for end-users :=)
Yeah, Kaspersky seems to be one of the very few vendors that pay full attention to every module they offer.
 

Chimaira

Level 4
Consumers (aka home users) don't bring money, they just want stuff for free that does everything automatically for them.
No wonder more and more vendors get away from consumers and focus on businesses/corporations.
Plus it is much easier to gouge corporations and charge tons of money. The amount of money corporations will spend on things is mind boggling.
 