Battle OSArmor, SysHardener, Hard_Configurator; what are the differences?

Software comparison
OSArmor
SysHardener
Hard_Configurator
Feature comparison
  1. Most available features

imuade

Level 12
Verified
Top poster
Well-known
Jul 29, 2018
567
Hard_Configurator and SysHardener are similar, they both tune Windows built-in settings to harden the system.
H_C is more powerful, but in my opinion is better for intermediate to advanced users; SysH can be used by anyone (even if it requires at least a basic knowledge).
OSArmor is a behavior blocker that works in realtime. In my opinion is very good because it's very configurable and doesn't bother you too much with popups.
If you have CruelComodo you don't need any of them.
 

RoboMan

Level 34
Verified
Top poster
Content Creator
Well-known
Jun 24, 2016
2,337
Hard_Configurator and SysHardener are similar, they both tune Windows built-in settings to harden the system.
H_C is more powerful, but in my opinion is better for intermediate to advanced users; SysH can be used by anyone (even if it requires at least a basic knowledge).
OSArmor is a behavior blocker that works in realtime. In my opinion is very good because it's very configurable and doesn't bother you too much with popups.
If you have CruelComodo you don't need any of them.
Only thing I would change is that OSArmor is not a behaviour blocker, it's a post-exploit protection layer. It will only trigger alerts and block actions once they have been launched.
 

bribon77

Level 35
Verified
Top poster
Well-known
Jul 6, 2017
2,418
Neither Emsisoft?


so either SH+OSA or H_C are in either case not needed and redundant with the above software?
All the programs you mentioned are very good.
But they are not for everyone to work at the same time, there are different configurations. for example Emsi with SH well.Or with OSA, or H_C or Comodo CS/.

But all of them together = Explosion.:p
 

RoboMan

Level 34
Verified
Top poster
Content Creator
Well-known
Jun 24, 2016
2,337
what is the point to aleft after a ransomware was able to encrypt your disks?
No, it doesn't work like that. OSArmor works with pre-defined rules. For example: blocking outbound connections to X processes or denying execution of X process. If malware tries to perform any action which a predefined rule has on its configuration, it will be blocked. It doesn't scan the file nor it scans its behaviour, it just compares blocks the action according to the rules. If a new malware includes an evasion technique or a new way to infect you without using a process or action blocked by the loaded rules, OSArmor will just watch it happen.
 

Andy Ful

Level 79
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
6,803
H_C, OSA, and SysHardener are the attack surface reduction applications based on restriction rules. All of them can block/restrict scripts, some dangerous types of files, execution from suspicious locations, etc.

The malware/exploit has usually a problem with running on such protected system, or if it could run then it is often mitigated on the later infection stage.

The less restrictive and simplest is SysHardener. The most restrictive is H_C set to default-deny. The more restrictions, the less user-friendly can be the application, and the more skills it requires. Both H_C and OSA can be adjusted to the software installed on the computer due to whitelisting abilities.

H_C and SysHardener are configurators. They can configure/activate the Windows built-in security features, and after this, they do not use real-time processes. All real-time security comes from native Windows security. Such protection is the lightest and most compatible with Windows. OSA uses 3-rd party driver to apply real-time protection, so can have sometimes a compatibility problem with Windows 10 updates/upgrades.

H_C, OSA, and SysHardener should not be used together or in a combo, except when the user knows them very well.
In my opinion, H_C, OSA, and SysHardener should not be used in combo with CF with CS settings (highly restricted autosandbox) because such protection would be inconvenient and too complex.
 
Last edited:

RoboMan

Level 34
Verified
Top poster
Content Creator
Well-known
Jun 24, 2016
2,337
this is what every AV does when doesn't recognize a new threat
Kind of, but here's where behaviour blocker, heuristics or IA modules come into the scenario. Although, most suck. Yet you have a couple of good ones like System Watcher or SONAR. But in most cases, zero day malware pieces will most likely get you crying.
 

Back3

Level 11
Verified
Top poster
Apr 14, 2019
508
I have Windows Defender with CruelCommodo. I tried to add SysHardener and OSA at some point and got problems I didn't know how to solve mostly limitations like OneDrive stopped working. Sometimes a problem arises a month later and it's very difficult to pinpoint a setting you changed.
Macrium to the rescue!. But I kept the firewall rules of SysHardener.
 

oldschool

Level 66
Verified
Top poster
Well-known
Mar 29, 2018
5,589
I have Windows Defender with CruelCommodo. I tried to add SysHardener and OSA at some point and got problems I didn't know how to solve mostly limitations like OneDrive stopped working. Sometimes a problem arises a month later and it's very difficult to pinpoint a setting you changed.
Macrium to the rescue!. But I kept the firewall rules of SysHardener.

Users should not choose settings of any feature they do not understand. This is especially true with OS hardening tools but is true for all software as well. Users who have experienced problems will testify to the this truth.
 

Back3

Level 11
Verified
Top poster
Apr 14, 2019
508
I have a notebook near my computer where I jot down everything I do on my computer...apps updates, upgrades, new settings, Macrium images, good ideas...etc...Most of the time, I know what or when I did something wrong. But sometimes, I take risks just for the thrill of it....
Even if I know that Windows Defender or Emsisoft with Comodo are enough!
 
Last edited:
  • Like
Reactions: oldschool