New Update VoodooShield CyberLock 7.0

  • Like
  • +Reputation
Reactions: 1chaoticadult, Zartarra, ZeroDay and 6 others
@danb when you have time (near future) could you explain optimal usage of Attack Chains. Eg, I just updated to 7.69, install no problems seen, and I have 240 attack chains listed, probably collected over the past several weeks. What are we looking for there, and how often should user clear to start recording a new list? :unsure:
PS liking the Windows Sandbox feature a lot :D on my hardware win10. (so far my VMware win10s will not run Windows Sandbox -- but fwiw, I started to run Sandboxie-Plus in VM. :whistle:)
 
  • Wow
  • Like
Reactions: [correlate] and codswollip
danb said:
Not that I can think of. Can you please send me the Xcitium alert and I can look into this and try to make sense of it? Thank you!
Click to expand...
cyberlock-write.png
 

Attachments

  • cyberlock-write.png
    cyberlock-write.png
    215.6 KB · Views: 148
Last edited:
  • Like
Reactions: Zartarra, Gandalf_The_Grey and simmerskool
simmerskool said:
@danb when you have time (near future) could you explain optimal usage of Attack Chains. Eg, I just updated to 7.69, install no problems seen, and I have 240 attack chains listed, probably collected over the past several weeks. What are we looking for there, and how often should user clear to start recording a new list? :unsure:
PS liking the Windows Sandbox feature a lot :D on my hardware win10. (so far my VMware win10s will not run Windows Sandbox -- but fwiw, I started to run Sandboxie-Plus in VM. :whistle:)
Click to expand...
Sure, the Attack Chains feature mainly works under the hood, drastically reducing unnecessary user prompts, and requires zero user intervention.

The Attack Chains tab in CyberLock settings gives you an idea of what is going on under the hood, but it is not absolute because hardcoded or user rules can override the events listed in the Attack Chains tab. There are a lot of new features we will be implementing soon that will make the Attack Chains feature even more useful. One of the things I use it for is if there is ever a process that is running that I am not sure where it originated from, I can search in the Attack Chains tab and find out exactly where it originated.

Yeah, I am loving Windows Sandbox as well... it really is a perfect fit with CyberLock. We will be able to do some more really cool things with the Windows Sandbox integration very soon. Thank you!
 
  • Like
  • +Reputation
Reactions: icotonev, Zartarra, Gandalf_The_Grey and 2 others
A few users have asked about how the Attack Chains tab takes a few seconds to load, here is a brief description of why...

It takes a while to enumerate the attack chains and apply the rules, there is not much that can be done about that, some operations just take time. If we enumerated the attack chains and applied the rules when the CyberLock Settings are opened, it would lag every single time Settings was opened, whether the user clicks on the Attack Chains tab or not. Probably the best thing we can do is to add a progress bar during this operation. I thought greying out the Attack Chains tab would suffice, but this does not appear to be the case.
 
  • Like
  • +Reputation
  • Hundred Points
Reactions: ForgottenSeer 94738, Dave Russo, scorpionv and 4 others
danb said:
A few users have asked about how the Attack Chains tab takes a few seconds to load, here is a brief description of why...

It takes a while to enumerate the attack chains and apply the rules, there is not much that can be done about that, some operations just take time. If we enumerated the attack chains and applied the rules when the CyberLock Settings are opened, it would lag every single time Settings was opened, whether the user clicks on the Attack Chains tab or not. Probably the best thing we can do is to add a progress bar during this operation. I thought greying out the Attack Chains tab would suffice, but this does not appear to be the case.
Click to expand...

I can imagine enumerating and sorting the Attack Chains in a database the moment a new Attack Chain is added (like a database INSERT), and loading only the top 30 when opening the page (like a database SELECT). Further SELECTs are only necessary when the user scrolls, or changes the sort order.

But I don't know what goes on behind the Attack Chains scenes, and if this is even a possibility.
 
  • Like
Reactions: danb, icotonev, ForgottenSeer 94738 and 2 others
scorpionv said:
But I don't know what goes on behind the Attack Chains scenes, and if this is even a possibility.
Click to expand...
@danb I don't even see why users would need to see AC info ... What would you use the info for? 🤔
 
Last edited:
  • Like
  • Wow
  • Hundred Points
Reactions: danb, Gandalf_The_Grey, ForgottenSeer 94738 and 3 others
Seeing the attack chains is useful but I'm fine with it taking what is currently 10 seconds to display them as it's only to delve further into blocks but it's not something I've had to look into beyond some OEM software blocks.
 
  • Like
Reactions: danb and simmerskool
scorpionv said:
I can imagine enumerating and sorting the Attack Chains in a database the moment a new Attack Chain is added (like a database INSERT), and loading only the top 30 when opening the page (like a database SELECT). Further SELECTs are only necessary when the user scrolls, or changes the sort order.

But I don't know what goes on behind the Attack Chains scenes, and if this is even a possibility.
Click to expand...
Sure, we can look into this, thank you!
 
  • Like
Reactions: simmerskool
oldschool said:
@danb I don't even see why users would need to see AC info ... What would you use the info for? 🤔
Click to expand...
Most users never even open CyberLock Settings. Most of the Attack Chain features happens under the hood, but it is nice to see what is going on under the hood if you are an advanced user. We will be adding features to the Attack Chain feature, then it will make sense why they are included in settings. That, and if you are curious what is spawning a certain item, you can quickly find it in Attack Chains.
 
  • Like
  • +Reputation
Reactions: simmerskool, ForgottenSeer 94738 and oldschool
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


New gadget.png


Thank you guys!
 
  • Like
  • +Reputation
Reactions: Zartarra, simmerskool, Gandalf_The_Grey and 4 others
danb said:
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


View attachment 281001

Thank you guys!
Click to expand...
I like it very much!
 
  • Like
Reactions: danb, 1chaoticadult, simmerskool and 2 others
@danb Really like the look of the new icons and echo what @oldschool said.

What might be good feature is to have it be a double click to turn it on or off rather than a single click so it's not turned off in error. Or even just with a single click, showing the Mode so you can just select from the list and choose what mode you wish to have CL/VS in as I pop it in autopilot when I'm changing some software or there's a game update etc.
 
  • Like
Reactions: danb, Gandalf_The_Grey, simmerskool and 1 other person
danb said:
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


View attachment 281001

Thank you guys!
Click to expand...

I like it as well. Is it possible to give us options. I wouldn't mind having an icon without the logo and perhaps a thinner border.
 
  • Like
Reactions: danb
oldschool said:
@danb I assume the tray icon will remain the same? 🤔
Click to expand...
Well, that is one of the cool things about the new gadget... now we can change the old VS icon to anything we want. I have a couple of different designs in mind and we will change it sooner than later.
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey and simmerskool
ErzCrz said:
@danb Really like the look of the new icons and echo what @oldschool said.

What might be good feature is to have it be a double click to turn it on or off rather than a single click so it's not turned off in error. Or even just with a single click, showing the Mode so you can just select from the list and choose what mode you wish to have CL/VS in as I pop it in autopilot when I'm changing some software or there's a game update etc.
Click to expand...
Thank you, I will keep your suggestions in mind. We have played around with the single and double click in the past and always ended up where it currently is, but we can certainly revisit this as well.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Gandalf_The_Grey, simmerskool and ErzCrz

You may also like...