New Update VoodooShield CyberLock 7.0

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all AVs I ever had, never a problem.
Agree, except I did have an issue with VS/CL and DeepInstinct despite mutual exclusions. Had to do with Di sending updated info from server management console to my Win10. I could not track it down in log files of either app, but stopping VS allowed Di to communicate with computer. I mentioned to Dan, but not many folks using Di here, and I think @Shadowra did not see this issue, so unexplained here. :confused:
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all AVs I ever had, never a problem.
Overkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Overkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?
Maybe, depends if there's a gap VS closes, hard to know, I'm not an IT engineer... ;)
 

Xeno1234

Level 14
Jun 12, 2023
684
Overkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?
Application Control by itself, without changing anything, is practically useless, as anything unknown by default is placed into low restricted, which by default has the permissions of trusted besides mic and webcam access.

I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all AVs I ever had, never a problem.
It probably is, since Kaspersky compared to other products is overkill itself tbh - it's just that good.

I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all AVs I ever had, never a problem.
Did you have to make any changes to either software to make it work?
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
Maybe, depends if there's a gap VS closes, hard to know, I'm not an IT engineer... ;)
Correct. That's why it's a good idea to use CyberLock with free antiviruses like Bitdefender Free for example, that have quite a few restrictions in their feature-set. Kaspersky's paid version however provides very strong protection for home users and doesn't need another security solution that runs in the background. You're better off with hardening the system with Application Control or adding tools like Simple Windows Hardening, Firewall Hardening that use the built-in Windows features and don't need any extra computer resources. In my opinion everything else is exaggerated and paranoid. I had a different opinion before, but it changed over the months/years.
But it's just my personal opinion of course...
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Correct. That's why it's a good idea to use CyberLock with free antiviruses like Bitdefender Free for example, that have quite a few restrictions in their feature-set. Kaspersky's paid version however provides very strong protection for home users and doesn't need another security solution that runs in the background. You're better off with hardening the system with Application Control or adding tools like Simple Windows Hardening, Firewall Hardening that use the built-in Windows features and don't need any extra computer resources. In my opinion everything else is exaggerated and paranoid. I had a different opinion before, but it changed over the months/years.
But it's just my personal opinion of course...
I have used (& use) H_C & SWH in some instances rather than VS. It's just that I've used VS for so many years without issues, it's like an old friend and I like some of its features.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
I have used (& use) H_C & SWH in some instances rather than VS. It's just that I've used VS for so many years without issues, it's like an old friend and I like some of its features.
That's great! I mean if you are not facing any issues or a big performance impact then there is absolutely no reason not to use it. ;)
 

NormanF

Level 9
Verified
Jan 11, 2018
404
If you have an endpoint security suite, Voodoo Shield is redundant because it already has an application control module.

You don't derive benefit from the overlap. However, if you run a free AV, VS will fill any gaps and provide additional protection.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
If you have an endpoint security suite, Voodoo Shield is redundant because it already has an application control module.

You don't derive benefit from the overlap. However, if you run a free AV, VS will fill any gaps and provide additional protection.
If the application control module built into your security suite does not happen to have these features, you might consider installing CyberLock...


CyberLock Features (partial list):

Dynamic security postures

Antimalware contextual engine

More secure tiny, customized local whitelist

Automatically builds the tiny, customized local whitelist

Monitors entire attack chain, not just hash, name or signature

Antiexploit mechanism that protects web apps, vulnerable apps and virtually all Windows and common processes

VoodooAi analysis, detection and file insight

WhitelistCloud analysis, detection and file insight. Be quite certain that only benign processes are running at any given time.

Mini Prompt to avoid the user automatically or inadvertently clicking Allow. In other words, does not force the end-user to respond to dangerous affirmative user prompts.

Full User Prompt with complete file insight provided to the end user so they can make an informed decision

Multiple modes to adjust to any system or user

Advanced Digital Signature verification and algorithms

Robust command line handling

Robust vulnerable app handling

Robust LOLBin handling

Robust fileless malware handling

Robust script handling

Easy creation of Windows Firewall Rules

Auto creation of Windows Firewall Rules for unknown items

User recommendations with file insight on blocks

Custom Folders feature

Robust Rules feature

Protects, activates with and can disable USB drives

Automatic temp file cleanup

Installer detection

Multiple robust logging features

Local sandbox

Cuckoo sandbox

Web management console
 

cartaphilus

Level 11
Verified
Top Poster
Well-known
Mar 17, 2023
536
Hey Guys,

Here is the first VoodooShield 7.0 beta. The new Contextual Engine is almost 100% complete, but there will be a few blocks, so please let me know if you experience any unwanted blocks. Overall you should see a significant reduction in blocks, but I am certain that I am missing a few things, and we simply won’t know what they are until VS is run on other systems with different software.

Once the Contextual Engine is 100%, I will update DefenderUI Pro to have the exact same engine. I am guessing a couple of weeks, once we figure out the unwanted blocks.

The GUI is under construction and there are a lot of colors and stuff I need to tweak, but it is fully functional. I just figured I would release this first version so you guys can beta test the new Contextual Engine, and figure out what we need to tweak under the hood, while I finish up the GUI.

BTW, VS’s self-protection is disabled for this version, just in case something weird happens you will be able to kill VS with the task manager. Assuming everything goes according to plan, we will enable self-protection in the next version.

I just want to mention, the new Contextual Engine is by far the biggest change ever made to VS under the hood, and soon I will explain how it works.

VS 6.75 beta
SHA-256: ca2e736e000c9ab8bed84bdf978561058fb4b05a1c56080e6d3886cf5b9025a2


VS 6.76 beta
SHA-256: eacecec901ceab9ef8eb1db36c10957c233aba24d7b5c962ff677e34b89629ab


Thank you guys!
Can you add the ability to whitelist cmd calls to a specific file? My Check Point Harmony AV keeps popping cmd block each time it tries to connect. Mainly efrservice.exe because it's not signed.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
@danb

Hi,

I was wondering if you could add a feature to CL. Add an option to create a rule by file hash. I discovered a threat intelligence community site: RiskIQ Community Edition. They publish the hash of malware. It would be great if CL can ingest that SHA256 into a rule.
Thank you for the suggestion, I am not exactly sure what you have in mind. Are you saying to create rules for all known bad hashes? This would create entirely way too many rules, and VS / CL already uses the SHA-256 hash extensively in our other components.

Please let me know what you mean exactly and I will look into it, thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Can you add the ability to whitelist cmd calls to a specific file? My Check Point Harmony AV keeps popping cmd block each time it tries to connect. Mainly efrservice.exe because it's not signed.
Thank you for reporting this. This is super uncommon... VS / CL has reduced unwanted command line blocks to a minimum.

I am guessing that most of the command lines that are being blocked are extremely similar to each other, but maybe only vary by a few characters. If so, you can create a wildcard in the Command Lines tab of VoodooShield Settings.

If this is not the case, can you please email me a list of the command lines that are being blocked? Please send it to support at voodooshield.com, thank you!
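
A sketch of the wildcard approach described in the post above, as an added example that is not part of the thread or CyberLock's own code: it derives the narrowest single-`*` pattern from near-identical blocked command lines and refuses one whose fixed part does not pin the executable. The `*` semantics, the sample lines and the `C:\Example\Vendor` path are assumptions; the product's actual wildcard syntax is whatever the Command Lines tab accepts.

```python
import os
import re

# Constructed sample of blocked command lines; the path and arguments are
# placeholders, not values from the thread or from any product log.
BLOCKED = [
    r'cmd.exe /c "C:\Example\Vendor\efrservice.exe" --connect --session 1041',
    r'cmd.exe /c "C:\Example\Vendor\efrservice.exe" --connect --session 1042',
    r'cmd.exe /c "C:\Example\Vendor\efrservice.exe" --connect --session 2210',
]

def derive_wildcard(lines, must_contain):
    """Build the narrowest prefix*suffix pattern covering every line.

    Returns None when the fixed prefix would not pin the executable named in
    must_contain, because the '*' would then cover the program being run.
    """
    if len(set(lines)) == 1:
        return lines[0]                      # identical lines: no wildcard needed
    prefix = os.path.commonprefix(lines)
    tails = [line[len(prefix):][::-1] for line in lines]
    suffix = os.path.commonprefix(tails)[::-1]
    if must_contain.lower() not in prefix.lower():
        return None
    return prefix + "*" + suffix

def matches(pattern, line):
    """Assumed semantics: '*' matches any run of characters, case-insensitive."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, line, re.IGNORECASE) is not None

def review(pattern, observed, unrelated):
    """Summarise what a rule allows: all observed lines, and any unrelated ones."""
    return {
        "covers_observed": all(matches(pattern, l) for l in observed),
        "also_allows": [l for l in unrelated if matches(pattern, l)],
    }

if __name__ == "__main__":
    rule = derive_wildcard(BLOCKED, "efrservice.exe")
    other = r'cmd.exe /c "C:\Users\Public\tool.exe" --connect --session 1041'
    print(rule)
    print(review(rule, BLOCKED, [other]))            # narrow rule
    print(review("cmd.exe /c *", BLOCKED, [other]))  # broad rule also allows 'other'
```

Running `review` against a few command lines that should stay blocked, before saving a wildcard, shows whether the rule is wider than the behaviour it was written for.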
 
