Updates Trend Micro Improvements

McMcbrad

Level 23
Oct 16, 2020
1,252
One of the very best products, especially its BB... I only wish they brought back the firewall component... I would use it in a heartbeat :)
It may not include a policy-based firewall, but it still includes system-wide web blocking and a light implementation of IPS. So apps are not allowed to communicate with malicious URLs, and Windows Firewall can do the rest. I also prefer 3rd party firewalls, but the absence of such didn't bother me too much.
 

McMcbrad

Level 23
Oct 16, 2020
1,252
but it's still heavy on web browsing on my mid-range laptop.
I'm very surprised by that, as on my system it is unnoticeable. Browsing is very fast and snappy. Upon launch of a website (I used stores and appliances websites), it draws 3% CPU split across 2 services. Afterwards, when you click on any page on the website, it draws <1%. These values are within the normal margins.
 

Nagisa

Level 7
Verified
Jul 19, 2018
323
It's being said Trend Micro's BB is good, but I particularly wonder how well it can prevent C&C, data collection and exfiltration on the infected system.

It doesn't catch many threats pre-execution (if you ignore default-deny popups) and on-execution. There are usually a few malicious autoruns present on the system after testing it. It must be very reactive against such behaviours I mentioned above because once the data is stolen it's too late.
 

McMcbrad

Level 23
Oct 16, 2020
1,252
It's being said Trend Micro's BB is good, but I particularly wonder how well it can prevent C&C, data collection and exfiltration on the infected system.

It doesn't catch many threats pre-execution (if you ignore default-deny popups) and on-execution. There are usually a few malicious autoruns present on the system after testing it. It must be very reactive against such behaviours I mentioned above because once the data is stolen it's too late.
You should not exclude the default-deny popup, as it is a security feature. If you include it, then rarely will something go through. From my tests it was able to block many RATs based on ZwWriteVirtualMemory or based on their startup configuration. Also, you are downloading malware from repositories; that's not what users in real life do. It has the most effective web blocking I've seen, but of course improvements can be made.
 