Emsisoft seems quite popular in these forums. It also has a cloud console feature, which I consider a must have so I'm considering it.
I don't understand why it's praised though (not implying it's not good, just don't see data backing the claim),
1) its BB is praised, however how does it compare to ASR rules, is there a complete list of what it blocks? is there a test suite like MS's test suite for ASR?
2) To the best of my understanding, it doesn't look like it supports AMSI, so I wonder how it scores against fileless.
3) there's little data from testing Labs so it's hard to rank it against other products.
4) it's not a full suite, eg while it has exploit mitigation my understanding is that it offers no exploit prevention module similar to MS' Exploit Guard and while its BB can protect from ransomware it lacks something like Controlled Folder Access should malware get past the BB.
I'm not trying to discredit the product, after all I haven't used it but it's hard to evaluate it without lab results and it looks like it's missing features like AMSI.
I don't understand why it's praised though (not implying it's not good, just don't see data backing the claim),
1) its BB is praised, however how does it compare to ASR rules, is there a complete list of what it blocks? is there a test suite like MS's test suite for ASR?
2) To the best of my understanding, it doesn't look like it supports AMSI, so I wonder how it scores against fileless.
3) there's little data from testing Labs so it's hard to rank it against other products.
4) it's not a full suite, eg while it has exploit mitigation my understanding is that it offers no exploit prevention module similar to MS' Exploit Guard and while its BB can protect from ransomware it lacks something like Controlled Folder Access should malware get past the BB.
I'm not trying to discredit the product, after all I haven't used it but it's hard to evaluate it without lab results and it looks like it's missing features like AMSI.