Advanced Plus Security Outpost Security Config 2020

Last updated
Apr 13, 2020
Operating system
Windows 11
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Kaspersky Internet Security 2020
Firewall security
About custom security
  1. Kis: Applications Control tweaked
  2. Removed pre-installed apps by Microsoft or third-party
  3. O&O ShutUP10 to manage the computer’s privacy settings
  4. Disable unnecessary Windows services.
Periodic malware scanners
Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge Chromium: Bitwarden - Privacy Badger
Google Chrome: Bitwarden - Privacy Badger
Maintenance tools
Soft Organizer Pro / Wise Care 365 (paid) / O&O shutup10
File and Photo backup
Macrium Reflect Home / OneDrive (1TB)
System recovery
Macrium Reflect Home
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Downloading software and files from reputable sites
    • Downloading malware samples
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Asus i5 - 6198du - 12 GB ram - 500 GB Hd

Outpost

Level 5
Thread author
Verified
Well-known
Jan 11, 2020
220
Your KIS setup is very strong, especially for unsafe applications/DLLs/scripts (TAM). I am not sure if it is equally strong for LOLBins and fileless attacks, but it can probably mitigate most of them in some way. Many such attacks can be done via the weaponized MS Office documents. Normally, SysHardener could be tweaked to harden MS Office applications. But on SUA, the SysHardener's hardening for MS Office does not work.
I do not think that your setup requires any modification. Please, treat my notes as some theoretical considerations.

You touched on an important point: the mitigation of LOLBin attacks on KIS isn't actually very strong. I had already considered it and I have not yet had time to try if it is possible to do something on KIS (create specific rules).
SysHardener is tweaked, but I wasn't aware of its limitation with Office in the SUA.
Your considerations and advice are always welcome, so tell me if you have alternative proposals to recommend.
 

Outpost

Level 5
Thread author
Verified
Well-known
Jan 11, 2020
220
It was the only reason that made me use Kaspersky in the first place. It was the perfect set-and-forget setup especially if you're not experienced enough to play with settings. Too bad!

Yes, TAM was practical, especially in situations where the PC is or can be used by people with no experience. The alternative is to the tweaking of Application Control.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Have you thought about switching to a Windows Hello PIN?

1582805708886.png


It protects your privacy by never having to expose your account login password.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top