Which default/deny solution wins, and why?

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Please state why you made your choice. There is a bit of mystery surrounding some of these apps; let's put it on the table for all to see. Facts, not fables.

I deliberately left AppGuard off the list because it is in a class all by itself.
 

Deleted Member 3a5v73x

Voted for ReHIPS, but if I had to choose an anti-exe with default settings out of the box, I would say AppSamvid. It's a fairly new product and I start to think that it's so simple that my mom could even learn it. I want to believe in its future and continuous development. :)
 

shmu26

> Somebody should come out with a table to list out the mentioned software and their capabilities/weaknesses. Give them weightage points and rank them :D

@HarborFront, you read my mind. That is why I started this thread. Unfortunately, most users have not provided a lot of specific info about the nitty-gritty functioning of their favorite soft, so I haven't really achieved my goal. The inner workings of COMODO, for instance, remain shrouded in mystery.
So far, it is basically a popularity contest -- influenced by price, ease of use, and likability of the dev.
 

Deleted member 178

> Please state why you made your choice. There is a bit of mystery surrounding some of these apps; let's put it on the table for all to see. Facts, not fables.
>
> I deliberately left AppGuard off the list because it is in a class all by itself.

Wise decision :D
AppGuard's class is Software Restriction Policy (for those who don't know).

Now about the poll: note that nobody can really tell about exploits because they are rarely seen; we can just theorize.

I tested several of them, so for me the winners are:

1- ReHIPS
anti-exe: yes
anti-exploit: "yes" via isolation
dll protection: via isolation

2- Comodo
anti-exe: yes
anti-exploit: "yes" by HIPS or isolation
dll protection: yes by HIPS or isolation

Comodo is 2nd because of its damn rules bug and the use of kernel hooks.
I didn't test KIS or Avast. ERP lacks dll & driver protection. VS has no dll protection.
 

Deleted member 178

> @HarborFront, you read my mind. That is why I started this thread. Unfortunately, most users have not provided a lot of specific info about the nitty-gritty functioning of their favorite soft, so I haven't really achieved my goal.

Google it, or go to their respective forums; don't wait for people to do it for you...

> The inner workings of COMODO, for instance, remain shrouded in mystery.

Comodo is a HIPS + isolation using kernel hooks; what other inner working knowledge do you need?
 
