OpenEDR - anti-hacker and anti-malware tool
<blockquote data-quote="Victor M" data-source="post: 1064795" data-attributes="member: 96560"><p>OpenEDR is an endpoint detection and response tool. It has anti-malware and anti-hacker capabilities. It is free for 30 days and it is only $4/month/pc postpaid.</p><p></p><p>An EDR is not necessarily only for enterprises. It becomes necessary when you are being hacked. That is because OpenEDR provides the visibility into the attacker's activities that are not visible on your screen.</p><p></p><p>It is true that EDR requires monitoring. But not unduly so. Checking every other day is fine (in my circumstances). Most of us glance at our anti-malware when there's nothing to do. When you are under attack you will want to check a little more frequently.</p><p></p><p>An EDR taps into Windows Events. And Windows logs Everything. And OpenEDR selects and raises alerts for you when anything suspicious is happening. For example, the RuntimeBroker.exe Windows component is usually started on demand by Windows itself, but if it was observed that it has been started manually, OpenEDR will raise an Alert for you. There is such a thing called Living off the Land binaries, which are native Windows exes which are used by hackers to do their bidding. OpenEDR knows about hacker tactics and activity patterns. And in its alerts, it gives a reference to MITRE ATT&CK's bible reference for hacker tactics.</p><p></p><p>OpenEDR has an Auto Containment feature. It will put any suspicious file executions into a virtualized environment where it cannot affect Windows. It also automatically virtualizes any new exes. So any malware or hacker tools will also run virtualized. Any file executions that are virtualized raise an alert. It has too many classes of alerts to mention; but to our MalwareTips readers, they will be interested in this: there is an alert named 'write to binary' which means new exe creation. 
This will alert you to most malware activities.</p><p></p><p>OpenEDR has an anti-malware component. OpenEDR is the latest incarnation of Comodo Firewall. It has stability and capability improvements. Long-time member [USER=7463]@cruelsister[/USER] has demoed the complete efficacy of its Auto Containment against malware here: <a href="https://malwaretips.com/threads/comodo-firewall-2024-beta-setup-and-test.125223/" target="_blank">App Review - Comodo Firewall 2024 Beta Setup and Test</a> . And long-time video reviewer [USER=92939]@Shadowra[/USER] has her demo here: <a href="https://malwaretips.com/threads/comodo-firewall-beta-2024-modified-settings.126541/" target="_blank">App Review - Comodo Firewall BETA 2024 (Modified Settings)</a> .</p><p></p><p>Anti-malware is generally useless against hackers, because hackers test their tools against common anti-malware vendors and modify their tools to evade signatures. But Auto Containment sets OpenEDR apart.</p><p></p><p>OpenEDR is free for 30 days. And its postpaid subscription price is reasonably priced for a home user; about the same as an antivirus. But you are also getting an EDR. You are not paying extra for a tool which you don't frequently use, so why not have the capability for when you Do need it.</p><p> </p><p>And most MalwareTips users think automatically of malware when something is wrong, when actually they are really under a hacker attack. You cannot tell the difference unless you look into it. That's what an EDR enables you to do. Then you can take defensive actions. "What you don't know is what you don't know".</p></blockquote><p></p>
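The two alert types the post mentions (RuntimeBroker.exe started by something other than Windows itself, and 'write to binary'), sketched as an added example that is not part of the original post and is not OpenEDR's own rule logic. The event field names, the sample events, the expected svchost.exe parent and the alert names other than 'write to binary' are assumptions constructed for illustration.

```python
import ntpath

# Constructed process-creation and file-write events (not real telemetry).
# Field names are hypothetical, loosely modelled on Sysmon-style records.
SAMPLE_EVENTS = [
    {"type": "process_create", "image": r"C:\Windows\System32\RuntimeBroker.exe",
     "parent": r"C:\Windows\System32\svchost.exe"},
    {"type": "process_create", "image": r"C:\Windows\System32\RuntimeBroker.exe",
     "parent": r"C:\Windows\System32\cmd.exe"},
    {"type": "process_create", "image": r"C:\Users\alice\Downloads\RuntimeBroker.exe",
     "parent": r"C:\Windows\System32\svchost.exe"},
    {"type": "file_write", "image": r"C:\Users\alice\AppData\Local\Temp\setup.tmp",
     "target": r"C:\Users\alice\AppData\Roaming\updater.exe"},
    {"type": "file_write", "image": r"C:\Windows\System32\notepad.exe",
     "target": r"C:\Users\alice\Documents\notes.txt"},
]

# Assumption: the broker is normally launched by svchost.exe from System32.
EXPECTED = {"runtimebroker.exe": (r"c:\windows\system32", {"svchost.exe"})}
BINARY_EXTENSIONS = {".exe", ".dll", ".scr", ".sys"}

def evaluate(event):
    """Return the list of alert names raised by one event."""
    alerts = []
    if event["type"] == "process_create":
        directory, name = ntpath.split(event["image"].lower())
        rule = EXPECTED.get(name)
        if rule:
            expected_dir, expected_parents = rule
            if directory != expected_dir:
                alerts.append("system binary name outside System32")
            if ntpath.basename(event["parent"].lower()) not in expected_parents:
                alerts.append("unexpected parent process")
    elif event["type"] == "file_write":
        # A process writing a new executable file: the 'write to binary' case.
        if ntpath.splitext(event["target"].lower())[1] in BINARY_EXTENSIONS:
            alerts.append("write to binary")
    return alerts

def triage(events):
    """Pair each event index with its alerts, dropping quiet events."""
    return [(i, a) for i, e in enumerate(events) if (a := evaluate(e))]

if __name__ == "__main__":
    for index, alerts in triage(SAMPLE_EVENTS):
        print(index, SAMPLE_EVENTS[index]["image"], "->", ", ".join(alerts))
```
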