- May 26, 2014
- 1,149
I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problemDoes VoodooShield work with Kaspersky?
I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problemDoes VoodooShield work with Kaspersky?
agree, except I did have an issue with VS/CL and DeepInstinct despite mutual exclusions. Had to do with Di sending updated info from server management console to my win10. I could not track it down in log files of either app, but stopping VS allowed Di to communicate with computer. I mentioned to Dan, but not many folks using Di here, and I think @Shadowra did not see this issue, so unexplained here.I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problem
Overkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problem
maybe, depends of there's a gap VS closes, hard to know, I'm not an IT engineer...Overkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?
Application Control by itself without changing anything is practically useless as anything unknown by default is placed into low restricted which by default has the permissions of trusted besides mic and webcam accessOverkill doesn't necessarily mean that you will face problems. It's just about logical thinking. Kaspersky has great signatures, behaviour blocker and Application Control. Is there really the need of adding another real-time security solution to the system that might use extra disk space, RAM or CPU?
It probably is since Kaspersky compared to other products is overkill itself tbh - its just that good.I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problem
Did you have to make any changes to either software to make it work?I have used both together for years (Trident has mentioned this is probably overkill) but I have had no problems, I also use CL with all Avs I ever had, never a problem
No, I never with Kaspersky added exception, if there is a conflict I have never noticed, I probably am not the one to give advice, better suited members with way more incite than I will ever have, are on this site,GlDid you have to make any changes to either software to make it work?
Thats true I have a default deny setup but idk what to do other than thatBut who said that you should leave it with default settings?
Correct. That's why it's a good idea to use CyberLock with free antiviruses like Bitdefender Free for example, that have quite a few restrictions in their feature-set. Kaspersky's paid version however provides very strong protection for home users and doesn't need another security solution that runs in the background. You're better off with hardening the system with Application Control or adding tools like Simple Windows Hardening, Firewall Hardening that use the built in Windows features and don't need any extra computer resources. In my opinion everything else is exaggerated and paranoid. I had a different opinion before, but it changed over the months/years.maybe, depends of there's a gap VS closes, hard to know, I'm not an IT engineer...
I have used, (& use) H_C & SWH in some instances rather than VS. It just that I've used VS for so many years without issues, it's like an old friend and I like some of its features.Correct. That's why it's a good idea to use CyberLock with free antiviruses like Bitdefender Free for example, that have quite a few restrictions in their feature-set. Kaspersky's paid version however provides very strong protection for home users and doesn't need another security solution that runs in the background. You're better off with hardening the system with Application Control or adding tools like Simple Windows Hardening, Firewall Hardening that use the built in Windows features and don't need any extra computer resources. In my opinion everything else is exaggerated and paranoid. I had a different opinion before, but it changed over the months/years.
But it's just my personal opinion of course...
Thats great! I mean if you are not facing any issues or a big performance impact then there is absolutely no reason not to use it.I have used, (& use) H_C & SWH in some instances rather than VS. It just that I've used VS for so many years without issues, it's like an old friend and I like some of its features.
If the application control module built into your security suite does not happen have these features, you might consider installing CyberLock...If you have an endpoint security suite, Voodoo Shield is redundant because it already has an application control module.
You don't derive benefit from the overlap. However if you run a free AV, VS will fill any gaps and provide additional protection.
Can you add the ability to whitelist cmd calls to a specific file? My checkpoint Harmony AV keeps popping cmd block each time it tries to connect. Mainly efrservice.exe because it's not signed.Hey Guys,
Here is the first VoodooShield 7.0 beta. The new Contextual Engine is almost 100% complete, but there will be a few blocks, so please let me know if you experience any unwanted blocks. Overall you should see a significant reduction in blocks, but I am certain that I am missing a few things, and we simply won’t know what they are until VS is ran on other systems with different software.
Once the Contextual Engine is 100%, I will update DefenderUI Pro to have the exact same engine. I am guessing a couple of weeks, once we figure out the unwanted blocks.
The GUI is under construction and there are a lot of colors and stuff I need to tweak, but it is fully functional. I just figured I would release this first version so you guys can beta test the new Contextual Engine, and figure out what we need to tweak under the hood, while I finish up the GUI.
BTW, VS’s self-protection is disabled for this version, just in case something weird happens you will be able to kill VS with the task manager. Assuming everything goes according to plan, we will enable self-protection in the next version.
I just want to mention, the new Contextual Engine is by far the biggest change ever made to VS under the hood, and soon I will explain how it works.
VS 6.75 beta
SHA-256: ca2e736e000c9ab8bed84bdf978561058fb4b05a1c56080e6d3886cf5b9025a2
VS 6.76 beta
SHA-256: eacecec901ceab9ef8eb1db36c10957c233aba24d7b5c962ff677e34b89629ab
Thank you guys!
Thank you for the suggestion, I am not exactly sure what you have in mind. Are you saying to create rules for all known bad hashes? This would create entirely way too many rules, and VS / CL already uses the SHA-256 hash extensively in our other components.@danb
Hi,
I was wondering if you could add a feature to CL. Add an option to create a rule by file hash. I discovered a threat intelligence community site: RiskIQ Community Edition They publish the hash of malware. It would be great if CL can ingest that SHA256 into a rule.
Thank you for reporting this. This is super uncommon... VS / CL has reduced unwanted command line blocks to a minimum.Can you add the ability to whitelist cmd calls to a specific file? My checkpoint Harmony AV keeps popping cmd block each time it tries to connect. Mainly efrservice.exe because it's not signed.
If CL can't handle too many rules, then forget it. I was thinking of using it like an SIEM.for all known bad hashes? This would create entirely way too many rules,
It can handle a lot of rules, but not hundreds of thousands or millions. There are other components in VS that handle what you are thinking of.If CL can't handle too many rules, then forget it. I was thinking of using it like an SIEM.