Andy Ful
Windows Defender Delay Protection is probably stronger than any antivirus Advanced Threat Protection (including the one used in Microsoft Defender ATP in enterprises). WDDP has the advantage that it can be easily understood and applied in a few minutes by most average users.
So, let's forget about AV battles, VirusTotal, and online sandbox analyses. One does not need to waste time on layered security and overkill setups. There is no need to install new security software every month and reinstall a broken Windows two or more times a year. All of this can be solved in practice by using WDDP.
Yes, this would be too good to be true. Although the title is a kind of joke (Microsoft did not apply anything like WDDP), there exists a very easy procedure to avoid most 0-day malware, which is especially useful for Windows Defender. So, what is Delay Protection? Simply, the user should execute/open new files with a one-day delay. Why can it be useful? Because after one day, the malware is not 0-day anymore.
But why could it be especially useful for WD? Because WD has recently got advanced post-infection behavior detection. It means that the user is well protected against 0-day malware if he/she is not among the first few victims who use WD. In many cases, the post-infection detections are made within a few minutes after infecting the first victim. But often, the first victim who uses WD can be infected several hours after the malware is pushed into the wild - that is why the one-day delay is often necessary.
The Delay Protection will work well for other good AVs too when they use fast signatures instead of postinfection detections.
It is strange that such a simple and effective solution is not widely accepted by users. Are you ready for WDDP?
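One way to apply the one-day delay described in the post, as an added example (not code from the post or from Hard_Configurator): the script reports which files in a hold folder are still inside the delay window, then updates Defender signatures and rescans only the files that have aged past it. The hold folder (the user's Downloads) and the use of file creation time as the arrival time are assumptions.

```powershell
# Added example. Hold folder and 24-hour window are assumptions chosen for illustration.
param(
    [string]$HoldFolder = (Join-Path $env:USERPROFILE 'Downloads'),
    [int]$DelayHours = 24
)

function Get-DelayStatus {
    param([string]$Path, [int]$DelayHours)
    $now = [DateTime]::UtcNow
    Get-ChildItem -LiteralPath $Path -File -Recurse | ForEach-Object {
        # CreationTimeUtc is when the file was written to this disk.
        # LastWriteTime can be carried over from a server or archive, so it is not used.
        $age = ($now - $_.CreationTimeUtc).TotalHours
        [pscustomobject]@{
            Path     = $_.FullName
            AgeHours = [math]::Round($age, 1)
            Ready    = ($age -ge $DelayHours)
        }
    }
}

$status = @(Get-DelayStatus -Path $HoldFolder -DelayHours $DelayHours)

# Files still inside the delay window: do not open these yet.
$status | Where-Object { -not $_.Ready } | ForEach-Object {
    $left = [math]::Round($DelayHours - $_.AgeHours, 1)
    Write-Host "WAIT  $($_.Path)  ($left h left)"
}

$ready = @($status | Where-Object { $_.Ready })
if ($ready.Count -gt 0) {
    # The delay only helps if Defender has the definitions published in the meantime.
    Update-MpSignature
    foreach ($f in $ready) {
        # Rescan with current signatures before the file is opened.
        Start-MpScan -ScanType CustomScan -ScanPath $f.Path
        if (Test-Path -LiteralPath $f.Path) {
            Write-Host "OK    $($f.Path)  (age $($f.AgeHours) h, still present after rescan)"
        } else {
            Write-Host "GONE  $($f.Path)  (removed or quarantined during rescan)"
        }
    }
}
```

A file that is copied gets a new creation time, which restarts its delay; a file moved within the same volume keeps its original creation time.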