Advice Request SecureAPlus as an anti-exe

[notabot]

Hi,

I was wondering, viewing SecureAPlus purely from the anti-exe point of view, does it support monitoring & allowing/not allowing : parent process -> child process pairs
Or it operates only on the basis is process XYZ allowed to run no matter which process started it?

 

[EndangeredPootis]

Voodooshield is better as it uses 50+ engines instead of only 12, its also only like 30 megabytes in task manager compared to securea's 150-180 megabytes, as much as kaspersky and twice as much as norton.

 

[Azure]

Voodooshield is better as it uses 50+ engines instead of only 12, its also only like 30 megabytes in task manager compared to securea's 150-180 megabytes, as much as kaspersky and twice as much as norton.

I don't think this answers OP's question. Since the question is about its anti-exe capabilities, not number of AV engines.

 

[EndangeredPootis]

I don't think this answers OP's question. Since the question is about its anti-exe capabilities, not number of AV engines.

Thats not what im implying, im simply saying its easier to use voodooshield as securea uses a lot of resources

 

[imuade]

Voodooshield is better as it uses 50+ engines instead of only 12, its also only like 30 megabytes in task manager compared to securea's 150-180 megabytes, as much as kaspersky and twice as much as norton.

To use voodooshield with parent/child process control you need to purchase the pro license.
If you want a free software, better to use re:hips

 

[ForgottenSeer 823865]

If you looking for strict parent-child monitoring, only 2 mechanisms are fitting:
Pure Anti-exe (ERP, VS) and HIPS (Comodo, Spyshelter).
Eventually you have ReHIPS.

If you want a free software, better to use re:hips

nope NVT ERP fits better and it is really free, ReHIPS is a demo which have limited sandboxed processes, so no way to use modern browsers with it.

 

[imuade]

nope NVT ERP fits better and it is really free, ReHIPS is a demo which have limited sandboxed processes, so no way to use modern browsers with it.

The anti-exe feature of Re:HIPS is not affected by the demo restrictions, only the sandbox part is
NVT ERP is free only if you install the v4 beta, v3 is still a paid software

 

[ForgottenSeer 823865]

The anti-exe feature of Re:HIPS is not affected by the demo restrictions, only the sandbox part is

indeed, but ReHIPS is a sandbox first.

NVT ERP is free only if you install the v4 beta, v3 is still a paid software

if you know about v3, you would normally know about v4

 

[ForgottenSeer 69673]

To use voodooshield with parent/child process control you need to purchase the pro license.
If you want a free software, better to use re:hips

dan has a deal right now if you sign up for his new forum, he will give you a free pro lic for one year

 

[shmu26]

The anti-exe feature of Re:HIPS is not affected by the demo restrictions, only the sandbox part is

This is very true. But in the current version of ReHIPS, the anti-exe feature is not as strongly configured as in the competitors. Unless you go and tweak the rules, some of them are a little bit on the permissive side, if you are using it without isolation, which is the primary feature. On the other hand, you have to be a real paranoid to isolate modern multi-process browsers such as Chrome and Firefox. They are safe enough without isolation.

 

[notabot]

Other alternatives have been mentioned and some of them are probably very good solutions for a single machine.

However SecureAplus offers administration via web dashboard - without this feature I'd rather go for no anti-exe at all. It's not meant to compare anti-exe features, it's more like if secureaplus doesn't offer it (unless eg Voodooshied offers a web dashboard in the future), I'll pass on anti-exes altogether.

 

[shmu26]

I haven't tried out SecureAPlus in a couple years, but when I did, it was the weakest of the anti-exe programs available at the time, but also the most user-friendly (unless you try to apply advanced tweaks, at which point it becomes very difficult to use).

 

[RodM1956]

Just use PC Matic and be done with it.

 

[ForgottenSeer 823865]

Just use PC Matic and be done with it.

lol seems this atrocious mechanism get popular recently, some see it as The Graal of security LOL

 

[RodM1956]

lol seems this atrocious mechanism get popular recently, some see it as The Graal of security LOL

It's the most honorable, number one, AV on the market.

How do I know?

I've seen all their commercials, and you know, everything you see on TV is true. CNN says so.

 

[ForgottenSeer 823865]

It's the most honorable, number one, AV on the market.

The idea behind it seems efficient on paper, but when you think a bit deeper about it, implementing it is atrocious and requires heavy workforce that even MS don't dare to try lol.
Imagine adding to the list thousands of files on a daily basis LOL.

 

[RodM1956]

The idea behind it seems efficient on paper, but when you think a bit deeper about it, implementing it is atrocious and requires heavy workforce that even MS don't dare to try lol.
Imagine adding to the list thousands of files on a daily basis LOL.

I agree, I also was joking with u

 

[sap]

Hi,

I was wondering, viewing SecureAPlus purely from the anti-exe point of view, does it support monitoring & allowing/not allowing : parent process -> child process pairs
Or it operates only on the basis is process XYZ allowed to run no matter which process started it?

It operates only on the basis is process XYZ allowed to run no matter which process started it.