What do you personally want in a BB/HIPS product?


Wave

Thread author
Hello! :)

Question: if you could choose up to 5 protection features to be in a BB/HIPS product, which ones would they be?

I'll give you an example of some (note that this is just an example - I cannot even pick a top 5 because it's so difficult for me, hopefully you lot can!):
1. Anti-Injection protection
2. AutoRun modifications protection
3. Hijacker/system changes protection (e.g. group policies protected against modification, wallpaper protection + browser protection, that sort of good stuff).
4. Driver/service protection (prevent unauthorised installations of drivers/services)
5. Keylogger protection.

(Just base the list on your personal preferences if you can - picking the top 5 is a very difficult task with all the features that can be listed).

I am just generally curious about what YOU would want to see in a HIPS product, thanks! ;)
 

LabZero

Thread author
1. Anti-Injection protection

Much malware uses the DLL injection technique (code injection).
DLL injection lets you put the code to be run in another process inside a Windows DLL.
But it is also possible to perform an injection without relying on an external library; in fact, with this code, the exe looks up the PID and runs the code injection directly by creating a space in RAM.
That is an alternative where, instead of starting an exe that loads the library which runs the code injection, you simply start an exe that already contains the code to inject.
HIPS systems are the first line of defence against these attacks.
 

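Both variants described in the post above end in the same observable step, a thread started in a process that did not create it, which is why a HIPS can sit in front of either of them. The following is an added example, not code from this thread or from any HIPS product: a small Python correlator that replays a constructed API-hook trace containing a LoadLibrary-style DLL injection, a library-less shellcode injection, and a benign debugger read, and labels each remote thread start. The trace format, field names, PIDs and image names are assumptions made for the example; the Win32 constants and API names are the real ones.

```python
# Added example: HIPS-style correlation of cross-process API calls.
# Not from the thread or any product. The trace layout, PIDs and image names
# are assumptions; a real HIPS would get equivalent events from user-mode
# API hooks or kernel callbacks such as PsSetCreateThreadNotifyRoutine.
from collections import defaultdict

# Memory protection constants from winnt.h.
PAGE_READWRITE = 0x04
PAGE_EXECUTE = 0x10
PAGE_EXECUTE_READ = 0x20
PAGE_EXECUTE_READWRITE = 0x40
PAGE_EXECUTE_WRITECOPY = 0x80
EXECUTABLE = {PAGE_EXECUTE, PAGE_EXECUTE_READ, PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY}

LOADLIBRARY_EXPORTS = {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExA", "LoadLibraryExW"}

# Constructed trace (assumed format): one dict per cross-process call.
TRACE = [
    # Variant 1: DLL injection. evil.exe writes a DLL path into PID 200 and
    # starts a thread there whose entry point is LoadLibraryA.
    {"pid": 100, "image": "evil.exe", "api": "OpenProcess", "target": 200, "access": 0x1FFFFF},
    {"pid": 100, "image": "evil.exe", "api": "VirtualAllocEx", "target": 200,
     "addr": 0x10000, "size": 0x1000, "protect": PAGE_READWRITE},
    {"pid": 100, "image": "evil.exe", "api": "WriteProcessMemory", "target": 200,
     "addr": 0x10000, "data": b"C:\\Users\\Public\\payload.dll\0"},
    {"pid": 100, "image": "evil.exe", "api": "CreateRemoteThread", "target": 200,
     "start": "kernel32!LoadLibraryA", "param": 0x10000},
    # Variant 2: no DLL on disk. dropper.exe allocates RWX memory in PID 400,
    # writes the payload bytes (constructed placeholder) and runs them directly.
    {"pid": 300, "image": "dropper.exe", "api": "OpenProcess", "target": 400, "access": 0x1FFFFF},
    {"pid": 300, "image": "dropper.exe", "api": "VirtualAllocEx", "target": 400,
     "addr": 0x20000, "size": 0x1000, "protect": PAGE_EXECUTE_READWRITE},
    {"pid": 300, "image": "dropper.exe", "api": "WriteProcessMemory", "target": 400,
     "addr": 0x20000, "data": b"\xfc\x48\x83\xe4\xf0\xe8"},
    {"pid": 300, "image": "dropper.exe", "api": "CreateRemoteThread", "target": 400,
     "start": 0x20000, "param": 0},
    # Benign: a debugger reads its debuggee's memory. No write, no thread.
    {"pid": 500, "image": "devenv.exe", "api": "OpenProcess", "target": 600, "access": 0x0410},
    {"pid": 500, "image": "devenv.exe", "api": "ReadProcessMemory", "target": 600,
     "addr": 0x7FF600001000, "size": 64},
]


def _region_containing(regions, addr):
    """Return the (base, size, protect) allocation that contains addr, else None."""
    for region in regions:
        base, size, _ = region
        if base <= addr < base + size:
            return region
    return None


def _classify(key, ev, allocs, writes, images):
    """Decide what a CreateRemoteThread means, given what the same source
    process has already done to the same target process."""
    src, dst = key
    start = ev["start"]
    alert = {"source": images[src], "source_pid": src, "target_pid": dst,
             "technique": "remote_thread", "severity": "low", "detail": ""}

    # Variant 1: entry point is LoadLibrary* and its argument is a buffer the
    # source wrote into the target that holds a DLL path.
    if isinstance(start, str) and start.rsplit("!", 1)[-1] in LOADLIBRARY_EXPORTS:
        buf = writes[key].get(ev["param"], b"")
        path = buf.split(b"\0", 1)[0].decode("latin-1")
        if path.lower().endswith(".dll"):
            alert.update(technique="dll_injection", severity="high", detail=path)
            return alert

    # Variant 2: entry point lies inside memory the source allocated in the
    # target and then filled with WriteProcessMemory. A non-executable region
    # is still suspicious (a VirtualProtectEx usually follows), hence "medium".
    if isinstance(start, int):
        region = _region_containing(allocs[key], start)
        if region is not None:
            base, size, protect = region
            if any(base <= a < base + size for a in writes[key]):
                alert.update(technique="shellcode_injection",
                             severity="high" if protect in EXECUTABLE else "medium",
                             detail=f"thread at {start:#x} in {size:#x}-byte region, protect={protect:#x}")
                return alert
    return alert


def correlate(trace):
    """Walk the trace and return one alert per cross-process thread start.
    State is keyed on (source PID, target PID) so that two different sources
    touching the same target are never conflated."""
    allocs = defaultdict(list)   # key -> [(base, size, protect)]
    writes = defaultdict(dict)   # key -> {addr: bytes written}
    images = {}
    alerts = []
    for ev in trace:
        key = (ev["pid"], ev["target"])
        images[ev["pid"]] = ev["image"]
        api = ev["api"]
        if api == "VirtualAllocEx":
            allocs[key].append((ev["addr"], ev["size"], ev["protect"]))
        elif api == "WriteProcessMemory":
            writes[key][ev["addr"]] = ev["data"]
        elif api == "CreateRemoteThread":
            alerts.append(_classify(key, ev, allocs, writes, images))
    return alerts


if __name__ == "__main__":
    for a in correlate(TRACE):
        print(f"{a['severity']:6} {a['technique']:20} {a['source']} -> pid {a['target_pid']} {a['detail']}")
```

The point of keying state on the (source, target) pair rather than on the target alone is that a legitimate debugger reading a process must not inherit suspicion from an unrelated process that wrote to it. A product-grade HIPS would extend the same state machine to the other thread-entry primitives (NtCreateThreadEx, QueueUserAPC, SetThreadContext, NtMapViewOfSection) rather than watching CreateRemoteThread alone.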
shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Block scripts (or at least warn) is the easiest and least intrusive.
That alone will stop half the attack vectors.
 

Xtwillight

Level 6
Verified
Well-known
Jul 1, 2014
297
What everyone is looking for is the eierlegende Wollmilchsau :) for security

https://en.wiktionary.org/wiki/eierlegende_Wollmilchsau

Intelligent HIPS and behaviour blockers can do a lot,
but nothing can protect 100%!

A lot of malware is a problem of gaps in the OS.

FULL control is desirable.
 

Axelrod Sven

Level 3
Verified
Well-known
Feb 11, 2016
132
There is one thing I would like from a HIPS/BB. Ideal and not realistic... but I still dare to dream.

I would like a HIPS being developed by a reputed company that develops Signature-Based Antivirus. As a separate, standalone product. For example... let's say

Avira Internet Security
Avira HIPS <---theoretical product.

Avira Internet Security keeps out all the riff-raff viruses and malware as a first line of defence. Avira HIPS then acts as the second line of defence, partially relying on the main program for signatures and database updates and self-improving if need be. But it should be programmed to act standalone and independently of the main program to run its core functions if need be... and work as a HIPS like it is supposed to. Sometimes use signatures from Avira's database, sometimes use its own internal programming to determine what is safe and what isn't.
 

askmark

Level 12
Verified
Top Poster
Well-known
Aug 31, 2016
578
1. 1-4 go without saying
2. Full control over all functions

Plus a few non protection related suggestions:

3. Comprehensive logging, preferably integrated with OS event log

4. No garish UI with difficult-to-read fonts or unpleasant colour schemes. Basically the program should look like a native OS application. All windows should be resizeable.

5. Notifications and popups should provide clear and detailed information
 
