I think almost no mainstream AV on the market has such one click option to block scripts, macros, unknown program blocking, etc features. Giving such option directly in the UI could do more harm than good if a not so knowledgeable user decides to play with those options. ESET even recommends not to play with HIPS if the user don't know what they are doing and ESET being a very false positive sensitive company, I don't ever see them adding those features directly in the UI.Hello Fellow ESET Users,
I saw your discussion about ESET and I wanted to see if some of you that use ESET could answer a "WHY" type of question for me.
I have used ESET for several years, and I like it. But, I have also tried to harden it by adding a few of the "Best Practices" types of rules that have been recommended here in MT, and also by ESET on their support webpage. Namely, I have added the HIPS rules to prevent unwanted execution of malware in certain folders on my machine, such as APPDATA, TEMP, Excel & MS Word scripts, etc. That being said, my question is this: Why doesn't ESET take the time to add simple options buttons in their settings screens to allow us to easily block the execution of files in these vulnerable directories? Why do we have to go to the trouble of manually adding this rules?
I certainly understand the idea that some programs need to execute in those folders, so some people would not want them turned on. But since most home users don't need scripts running is those folders, why hasn't ESET simply expanded their setting options to allow us to easily block those things? From what I have seen in the ESET discusion folder, when a person adds these advanced hardening rules to ESET HIPS, it performs much better. Hence that is why is is recommended. It seems like a simple no brainer.
They could add these settings, and turn them on by default when the program is installed, and then add a simple interactive dialog question when a program such as EXCEL tries to run in those folders. But they don't do that - like it is too hard to add these simple hardening techniques to their system. Clearly, after all this time of ESET support recommending these hardening rules, they certainly have thought about this, but they have made the decision not to add them. Indeed, if they did do this, I bet their program would perform even better on those tests that we all see on AVTEST and AV-COMPARABLES., and would probably increase their overall program sales.
I suspect that part of the problem is that ESET is very much focused on the business corporate AV market - a market that typically uses professional IT managers who can easily write group policy rules, etc. I think they tend to thing of the retail home users a afterthought and don't really write their program with home users in mind. What do all of you think? Thanks
But TAM was one-click away and you're system is protected. Now you need the knowledge to replicate TAM using application control module. When a friends asked me how to configure Kaspersky, all I needed to do is tell them to enable TAM.Kaspersky had one kind of a similar feature on their products with "Trusted Application Mode" which only allowed programs trusted by Kaspersky cloud to run. But they removed the feature in their latest version saying barely anyone use this feature. The same protection can be achieved by modifying their application control module so they didn't see any reason to keep a separate module.
Yes but like i said, very few users use it so they decided to remove it. Advanced users would know how to configure application control.But TAM was one-click away and you're system is protected. Now you need the knowledge to replicate TAM using application control module. When a friends asked me how to configure Kaspersky, all I needed to do is tell them to enable TAM.
Maybe from commercial point of view they did remove it; it requires maintenance and since a few people use it they saw it is useless to keep developing it.very few users use it so they decided to remove it
Advanced users would know how to configure application control.