Be more creative. Let's do a whole shield and a broken (cracked shield) maybe? On hover, it can say "Your shield is up" and "Your shield is not up".
Security-wise it is actually very sophisticated software. I am still playing with it since last night. What I would like to see, I am not sure if the software architecture allows is, different scanning engines being toggled on and off and assigned a weight or "trust level". For example I trust Kaspersky's engine more than I trust Qihoo. Emsisoft is full of FP... Maybe a trust level of low, med and high can be added for each engine... but that is not mandatory. I think they can be "deduplicated" at least, as there are tens of Bitdefender-based solutions and forks so it's not really fair these products to be counted...
That's just a quick notification sample that I did... I will keep working on it.
Known malicious file:
View attachment 235083
and then when clicked...
View attachment 235085
Never-before-seen file:
View attachment 235089
View attachment 235090
File rescanned after 12 hours (period should be defined by user in settings)
Threat detected:
View attachment 235093
View attachment 235094
View attachment 235097
I suggest that all alerts fade or slide in.
The concept of these alerts is pretty much the same. The VoodooShield logo is used as a guide, it displays the percentage of engines detecting this file as threat, check marks and question marks so the users know what's going on even without reading. The color-coded bar on top holds the file name, but it also helps users take instant decision. It follows the transitioning of the file from unknown (grey) to trusted (green), malicious (red), or more weirdly, still unknown (black).
VoodooShield is an excellent product, but program capabilities, as well as events need to be communicated to the user in the friendliest way possible. If users don't understand the program, neither they will pay for it, as they don't see the benefits, nor will they be able to secure their system.