Robbie

Level 27
Verified
Content Creator
Hello everybody,

Let's try to leave aside all the politics about whether antivirus works or not, or whether it is meant for you or your grandma.

What would you say is the best security software for professionals? Meaning this, what do you believe is the best AV/suite/security program for IT experts?

To suit an expert's hand, it should:
  • Be flexible enough
  • Contain several tweaking/configuring options
  • Accept introduction and modification of rules for its modules
Forget about install & forget software; look for an antivirus or software that, if you know enough, you can spend time configuring so that it can protect you in ways no ordinary final user could achieve.

For example, I believe ESET is a great consumer user, but if you know enough, it has infinite tweaking options, like the flexibility of the HIPS module that will let you add/modify all the rules that you want, and give you the opportunities to create a whole default-deny module within your rules.

Check: Discuss - Configure ESET as default-deny (bye ransomware!)

What's your expert software? Think big, like ERP, system hardening by rules and policies, anything that will let you go creative and implement the security level you desire by playing with one single piece of software.
 

ichito

Level 6
Verified
Content Creator
I think SpyShelter can be a good example of the kind of app you asked about... I've been using it for years, and you can find some detailed info in this thread
 

shmu26

Level 81
Verified
Trusted
Content Creator
What is the purpose of this "expert" software that you are speaking of? Are you sure that you need it in order to avoid infection on your personal computer?
Here's a good quote that @Andy Ful pulled from the Intro to UQ Cyber Security initiative Keynote by Mikko Hypponen, 'Computer Security: Yesterday, Today and Tomorrow':
"So, to fight the criminal attackers you do not have to have perfect security. You just have to have a little bit better security."

A little bit in experienced hands goes a long way. A lot in rookie hands won't help much.
 

Andy Ful

Level 44
Verified
Trusted
Content Creator
Many professionals will stick with Windows 10 built-in security. They can restrict Windows 10 via policies, WD Exploit Guard, AppLocker (or SRP)/Device Guard/Application Control, etc.
They do not feel usability issues which are probably important for most users and value the great compatibility of built-in Windows features. They can use/apply these features as we normally use clothes in the way which is suited to the concrete situation and their needs. They also know the weak points of the actual setup, and can avoid the danger.(y)
 

blackice

Level 7
Many professionals will stick with Windows 10 built-in security. They can restrict Windows 10 via policies, WD Exploit Guard, AppLocker (or SRP)/Device Guard/Application Control, etc.
They do not feel usability issues which are probably important for most users and value the great compatibility of built-in Windows features. They can use/apply these features as we normally use clothes in the way which is suited to the concrete situation and their needs. They also know the weak points of the actual setup, and can avoid the danger.(y)
I work for an Agency that uses WD and policy. They have us locked down pretty tight. I've only seen one instance where someone had an infection. Probably some phishing nonsense. They also do a good job of trying to educate users on how to have safe habits.
 

Andy Ful

Level 44
Verified
Trusted
Content Creator
Reducing the attack surface by restricting Windows and Software is the best method from the security viewpoint, but it is also against human nature. So, in my opinion, it can be good for some professionals who can easily activate/deactivate security features as they need, and also for casual users as a locked setup. This is similar to a healthy (restricted) diet on the contrary to eating everything you want, whenever you like (supported by a handful of pills and supplements).:giggle:
 

Robbie

Level 27
Verified
Content Creator
What is the purpose of this "expert" software that you are speaking of? Are you sure that you need it in order to avoid infection on your personal computer?
Here's a good quote that @Andy Ful pulled from the Intro to UQ Cyber Security initiative Keynote by Mikko Hypponen, 'Computer Security: Yesterday, Today and Tomorrow':
"So, to fight the criminal attackers you do not have to have perfect security. You just have to have a little bit better security."

A little bit in experienced hands goes a long way. A lot in rookie hands won't help much.
No, I don't need it! I am myself very well protected! This is a security discussion so we can hear everybody's opinion. I don't intend this thread to be a recommendation thread to change my configuration :=)
 

AriDfoix

Level 3
I think security professionals code their own things, or they compile them from sources, because they don't trust anyone.

One tool that I saw many Malware Analysts use nowadays is pestudio, even if there is another one called puppy that does an amazing job. Then there is PEExplorer; sadly, you will need to compile it inside Visual Studio, but it is worth the effort, it is amazing.


:)

I think they don't have a best security software, they adapt their tools to the task they need to do more or less.
 

shmu26

Level 81
Verified
Trusted
Content Creator
From what I hear, the IT professional who is responsible for a business or institution usually can't even do what he wants with security, because it impacts productivity and also aggravates the workers to no end.
What's more, he might not even know very much about security himself. First priority is to make sure things work so he doesn't get fired.
 

Windows_Security

Level 23
Verified
Trusted
Content Creator
In the Netherlands most businesses only allow their employees to log in as a standard user. From what I have seen, most companies use a third-party antivirus and some sort of monitoring software to be alerted to network attacks or unusual server activity.

Small businesses tend to opt for cloud services in which security and data backup are included.
 

blackice

Level 7
Reducing the attack surface by restricting Windows and Software is the best method from the security viewpoint, but it is also against human nature. So, in my opinion, it can be good for some professionals who can easily activate/deactivate security features as they need, and also for casual users as a locked setup. This is similar to a healthy (restricted) diet on the contrary to eating everything you want, whenever you like (supported by a handful of pills and supplements).:giggle:
We can install literally nothing on our work computers without IT approval. It’s a solid system.
 

Andy Ful

Level 44
Verified
Trusted
Content Creator
Good habits are the best security; I can run Windows for years with no security software and/or tweaks and still not get infected. :coffee:
I can agree with the first part of your statement. The second is only your belief, just like some people believe that they are safe on the road because they are good drivers.:emoji_thinking:
Anyway, I may be wrong in your personal case. :giggle:
By the way, how can you be sure that you will use Windows for years?
 

Local Host

Level 17
Verified
Truth is rule number one. (Good habits)
But one thing is the personal level and another is the Company level; at the Company level, Windows must be adjusted.
This topic asked what is the best security for IT Experts/Professionals, not what is the best security for Companies. An IT Expert using security software or not, on a personal level, won't make much of a difference in most cases.
I can agree with the first part of your statement. The second is only your belief, just like some people believe that they are safe on the road because they are good drivers.:emoji_thinking:
Anyway, I may be wrong in your personal case. :giggle:
By the way, how can you be sure that you will use Windows for years?
We all know how the majority of malware is delivered nowadays: E-Mail. An IT Expert can easily tell a legit E-Mail from a malicious E-Mail.

The only malware I would be worried about are the ones on legit websites that get hijacked with malicious ads and such, or even targeted malware on legit software update channels like CCleaner (both rare, especially in a Home Environment).

I already used Windows for years without any security software and never had malware on my computers. I would run a scan just for laughs once every year and it would never find anything, as expected (I doubt I'm the only one, too; the majority of you could do it).
 

ichito

Level 6
Verified
Content Creator
I can agree with the first part of your statement. The second is only your belief, just like some people believe that they are safe on the road because they are good drivers.:emoji_thinking:
Hahaha... well said :D Each day proves to me what "good drivers" we can see on the roads :ROFLMAO:

The only malware I would be worried about are the ones on legit websites that get hijacked with malicious ads and such, or even targeted malware on legit software update channels like CCleaner (both rare, especially in a Home Environment).

I already used Windows for years without any security software and never had malware on my computers. I would run a scan just for laughs once every year and it would never find anything, as expected (I doubt I'm the only one, too; the majority of you could do it).
Your habit of not using a security app is not common and shouldn't be promoted on a forum like this one. Users who try to find some security solution might want to do the same no matter how strong their knowledge, skills and experience are... It is not risky to say that it can be dangerous for them, because they usually think that they are smarter and more advanced than they in fact are.