Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
VoodooShield
VoodooShield Review by PCMag India
Message
<blockquote data-quote="danb" data-source="post: 866779" data-attributes="member: 62850"><p>Before I forget, one of the most confusing elements of VS is the ON / OFF indicator on our desktop shield gadget. Essentially, the ON / OFF indicates whether the actual locking mechanism is ON or OFF at any given time, but this is very confusing to a lot of people. I think the best way to clarify this for the users would be to add a tiny lock icon / unlocked icon above the ON / OFF indicator, so basically it would be indicating Lock ON / Lock OFF. I am just finishing up the app to upload the new versions of Windows files to WLC, and once I finish I will start playing with this and it will be included in the next release. If you guys have any suggestions on how we can make it even better, please let me know.</p><p></p><p>As far as dynamic levels of protection / security postures goes, it actually gets even a little more interesting when you realize all of the benefits it provides. I will be a brief as possible because this could easily turn into a novel.</p><p></p><p>Windows Defender and other AV products have come a very long way the last few years, but they all have one thing in common. They focus solely on <u>what</u> causes an endpoint to become infected and do not even consider <u>why</u> an endpoint is infected. In other words, the industry focus has been on detecting malware or malicious actions (such as signatures, behavior, heuristics, ML/Ai etc.), which is <u>what</u> causes the system to become infected. Instead, what VoodooShield does is focus on <u>why</u> the system is infected. In almost all cases, the system was infected because the user was browsing the internet or checking email and they stumbled upon a malicious link or attachment.</p><p></p><p>VoodooShield solves this issue simply by offering dynamic levels of protection, based on the user’s current activities. All other traditional and next gen AV are only able to provide one static, constant level of protection. The end result is that these security products are not aggressive enough when they need to be and are over aggressive when they should not be. Sure, you can manually adjust the settings, but it is still a single, constant security posture. </p><p></p><p>The other thing that is pretty cool about toggling / dynamic levels of protection is that it is capable of creating the absolute most robust locking mechanism in the industry, which is something that most people completely overlook. Basically, security products that lock the computer full time can only make the locking mechanism so aggressive before it starts to cause serious issues, like quite possibly the computer not even being able to boot. But when you start at a lower security posture, and automatically toggle to a high security posture, you can lock the heck out of the machine, especially since it has already learned what not to block.</p><p></p><p>Which brings me to my final point. VoodooShield works by monitoring the actions and behaviors of all of the chain of events that occur on a system. For example, web browsers should be able to call Conhost.exe, but malware should not be able to. If you whitelist the entire C drive to build the initial whitelist, you are not able to utilize this type of “chain of events” mechanism. And what is even cooler, this also allows VS to protect essentially all of the Windows processes “out of the box” with this mechanism… not just the known vulnerable processes, especially since every couple of months the bad guys find a new vulnerable process / sponsor to exploit. If you protect essentially all of the Windows processes, you do not have to worry about adding new Windows vulnerable processes / sponsors to protected vulnerable app list.</p><p></p><p>And all of this is possible because VS automatically toggles between aggressive and relaxed security postures, based on the current user activity. Just imagine if your favorite traditional or next gen AV did this. False positives and false negatives would drop dramatically, and efficacy would go through the roof. There are other less significant benefits to dynamic security postures, but the above explains the key points in a nutshell.</p></blockquote><p></p>
[QUOTE="danb, post: 866779, member: 62850"] Before I forget, one of the most confusing elements of VS is the ON / OFF indicator on our desktop shield gadget. Essentially, the ON / OFF indicates whether the actual locking mechanism is ON or OFF at any given time, but this is very confusing to a lot of people. I think the best way to clarify this for the users would be to add a tiny lock icon / unlocked icon above the ON / OFF indicator, so basically it would be indicating Lock ON / Lock OFF. I am just finishing up the app to upload the new versions of Windows files to WLC, and once I finish I will start playing with this and it will be included in the next release. If you guys have any suggestions on how we can make it even better, please let me know. As far as dynamic levels of protection / security postures goes, it actually gets even a little more interesting when you realize all of the benefits it provides. I will be a brief as possible because this could easily turn into a novel. Windows Defender and other AV products have come a very long way the last few years, but they all have one thing in common. They focus solely on [U]what[/U] causes an endpoint to become infected and do not even consider [U]why[/U] an endpoint is infected. In other words, the industry focus has been on detecting malware or malicious actions (such as signatures, behavior, heuristics, ML/Ai etc.), which is [U]what[/U] causes the system to become infected. Instead, what VoodooShield does is focus on [U]why[/U] the system is infected. In almost all cases, the system was infected because the user was browsing the internet or checking email and they stumbled upon a malicious link or attachment. VoodooShield solves this issue simply by offering dynamic levels of protection, based on the user’s current activities. All other traditional and next gen AV are only able to provide one static, constant level of protection. The end result is that these security products are not aggressive enough when they need to be and are over aggressive when they should not be. Sure, you can manually adjust the settings, but it is still a single, constant security posture. The other thing that is pretty cool about toggling / dynamic levels of protection is that it is capable of creating the absolute most robust locking mechanism in the industry, which is something that most people completely overlook. Basically, security products that lock the computer full time can only make the locking mechanism so aggressive before it starts to cause serious issues, like quite possibly the computer not even being able to boot. But when you start at a lower security posture, and automatically toggle to a high security posture, you can lock the heck out of the machine, especially since it has already learned what not to block. Which brings me to my final point. VoodooShield works by monitoring the actions and behaviors of all of the chain of events that occur on a system. For example, web browsers should be able to call Conhost.exe, but malware should not be able to. If you whitelist the entire C drive to build the initial whitelist, you are not able to utilize this type of “chain of events” mechanism. And what is even cooler, this also allows VS to protect essentially all of the Windows processes “out of the box” with this mechanism… not just the known vulnerable processes, especially since every couple of months the bad guys find a new vulnerable process / sponsor to exploit. If you protect essentially all of the Windows processes, you do not have to worry about adding new Windows vulnerable processes / sponsors to protected vulnerable app list. And all of this is possible because VS automatically toggles between aggressive and relaxed security postures, based on the current user activity. Just imagine if your favorite traditional or next gen AV did this. False positives and false negatives would drop dramatically, and efficacy would go through the roof. There are other less significant benefits to dynamic security postures, but the above explains the key points in a nutshell. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
