Zero Trust (Solution Vote)

Preference of Zero Trust solution

  • Total voters
    92
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,663
Max90 said:
When you are on Windows 10 or on Windows 11 with SAC disabled, Simple Windows Hardening is an excellent addendum to VoodooShield (and SWH is set and forget). VoodooShield is excellent against and executables and good against scripts, using SWH blocks scripts in user folders, making them a great combo.
Click to expand...
Please keep in mind, VS does not block anything globally, and will auto allow a new item if it is perfectly safe to do so. In other words, VS blocks scripts intelligently, not blindly.
 
  • Like
  • Applause
Reactions: Nevi, I Walk MY Way, Dave Russo and 4 others
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,663
fakewatchman said:
Is there a way to disable user alerts? Such as an enterprise environment and not wanting users to allow something?
Click to expand...
Sure, there are several ways ;).

1) VS Settings / Basic tab: disable the "Enable balloon notifications and user prompts" option. This is a great way to go for consumers because the VS desktop shield gadget will still flash, so the user knows something was blocked.

2) VS Settings / Web Management tab: enable the "Require admin approval before letting the user allow new, non-whitelisted files" option. This is mainly for SMB / Enterprise use cases, but here is no reason you could not use it for your grandpa or child.

3) You could create a folder rule to silently block all user space folders. I have not played around with this much, but I think it would work really well for a lot of people.

And please keep in mind you can always set a password to VS so that users cannot change the settings. There are probably other ways to prevent users from clicking the allow button in VS, and if I think of more I will post them ;).

Also please keep in mind that any Off, Disable or Install Mode switch in ANY Zero-Trust product is effectively the exact same as an allow button ;). For example, from this thread...

malwaretips.com

How I got infected last time thread

Last time was couple years ago my uncle without my permission installed pirated games ,one was bundled with malware into my PC while we celebrated a holiday. Unfortunately had to reflash /reinstall windows after what happened just in case .
malwaretips.com malwaretips.com

I would also point out that given the exact same scenario, @RoboMan would have simply disabled any traditional Deny-by-default product he might have had installed (the non-prompting, non-file insght kind ;)), especially since it would have lacked the benefits of file insight and user recommendations. I could write a book on this subject... but I will say that working directly with end-users since 1999 really helped me to understand their thought processes and what UI design most users would consider to be user-friendly, and would be able to safely use.
 
  • Like
Reactions: Nevi, I Walk MY Way, Dave Russo and 7 others
ErzCrz

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Really torn between H_C and Comodo. H_C locks down my system and I'm inheritently more cautious running new software and liking the Install by Smartscreen. Comodo is great albeit a bit outdated, it stops all malware even if it's AV module isn't great. (Side note: CIS downloads light version of Database by default instead of full signature and heuristics turned off instead of low by default). Can't decide just now, will sleep on it :D
 
  • Like
  • +Reputation
Reactions: Nevi, piquiteco, Dave Russo and 3 others
Sandbox Breaker

Sandbox Breaker

Level 9
Thread author
Verified
Well-known
Jan 6, 2022
435
danb said:
Sure, there are several ways ;).

1) VS Settings / Basic tab: disable the "Enable balloon notifications and user prompts" option. This is a great way to go for consumers because the VS desktop shield gadget will still flash, so the user knows something was blocked.

2) VS Settings / Web Management tab: enable the "Require admin approval before letting the user allow new, non-whitelisted files" option. This is mainly for SMB / Enterprise use cases, but here is no reason you could not use it for your grandpa or child.

3) You could create a folder rule to silently block all user space folders. I have not played around with this much, but I think it would work really well for a lot of people.

And please keep in mind you can always set a password to VS so that users cannot change the settings. There are probably other ways to prevent users from clicking the allow button in VS, and if I think of more I will post them ;).

Also please keep in mind that any Off, Disable or Install Mode switch in ANY Zero-Trust product is effectively the exact same as an allow button ;). For example, from this thread...

malwaretips.com

How I got infected last time thread

Last time was couple years ago my uncle without my permission installed pirated games ,one was bundled with malware into my PC while we celebrated a holiday. Unfortunately had to reflash /reinstall windows after what happened just in case .
malwaretips.com malwaretips.com

I would also point out that given the exact same scenario, @RoboMan would have simply disabled any traditional Deny-by-default product he might have had installed (the non-prompting, non-file insght kind ;)), especially since it would have lacked the benefits of file insight and user recommendations. I could write a book on this subject... but I will say that working directly with end-users since 1999 really helped me to understand their thought processes and what UI design most users would consider to be user-friendly, and would be able to safely use.
Click to expand...
If a file is too large for WLC to analyse... Will it still allow the file to run. I've got mine to only allow WLC safe files.
 
  • Like
Reactions: Dave Russo and simmerskool
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,663
ichito said:
Voted "other" what means SpyShelter. Not to listing SS is for me the sign that author is not enough experienced.
Click to expand...
SpyShelter is no doubt a great product, but in all fairness, it has not been included in similar polls in the past...

1.PNG
2.PNG

3.PNG
4.PNG
5.PNG
 
  • Like
  • Love
Reactions: Nevi, Idanox, Dave Russo and 7 others
ichito

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
541
Haha 😂
@danb in fact SS wasn't presented but please... I'm not ironic...what is the proof of? SS is developed since actually 14 years, longer than your VS and some other apps on the list.
Screenshots you attached are proof of nothing... sorry.
 
  • Applause
Reactions: kylprq
Andrezj

Andrezj

Level 6
Nov 21, 2022
248
ichito said:
Voted "other" what means SpyShelter. Not to listing SS is for me the sign that author is not enough experienced.
Click to expand...
it is just a opinion popularity poll which applies only to users here (which most are the same ones voting on the same poll at other forusm), voodooshield is promoted real hard here, with all the free licenses and giveaways, a product such as spyshelter has very little exposure here, then there are technologies in the poll that are not intended for consumers and they do not promote their product at places like this, so it is unlikely they would be popular
wdac, for example, is used across the millions of enterprise windows endpoints so the result in that poll has little indication of reality
the list of products is determined by the poll creator, there is always bias in such poll
the comparisons in that poll make little sense
 
Last edited by a moderator:
  • Like
  • Applause
Reactions: kylprq, Nevi and Dave Russo
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,663
Andrezj said:
it is just a opinion popularity poll which applies only to users here (which most are the same ones voting on the same poll at other forusm), voodooshield is promoted real hard here, with all the free licenses and giveaways, a product such as spyshelter has very little exposure here, then there are technologies in the poll that are not intended for consumers and they do not promote their product at places like this, so it is unlikely they would be popular
wdac, for example, is used across the millions of enterprise windows endpoints so the result in that poll has little indication of reality
the list of products is determined by the poll creator, there is always bias in such poll
the comparisons in that poll make little sense
Click to expand...
Speaking of irony... if what you are saying is true, then why did you create this poll?

1.PNG


Users do not vote for a product because they got a free license, they vote for a product because they think it is the best. In fact, someone who received a free license would be more likely to envy a $90 product if it were truly better, and would likely vote in that direction. Not that it matters, VS has not had a giveaway on MT for years, and is not promoted on MT at all.

The above poll had 153 votes total, which is probably almost enough to be a true representative sample.

I just wish you would have kept that one poll up before you lost bigtime and decided to take it down before I could get a screenshot.

Merry Christmas JT / hjlbx !!!
 
  • +Reputation
  • Like
  • Applause
Reactions: Nevi, plat, Shadowra and 1 other person
Shadowra

Shadowra

Level 34
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,312
Andrezj said:
it is just a opinion popularity poll which applies only to users here (which most are the same ones voting on the same poll at other forusm), voodooshield is promoted real hard here, with all the free licenses and giveaways, a product such as spyshelter has very little exposure here, then there are technologies in the poll that are not intended for consumers and they do not promote their product at places like this, so it is unlikely they would be popular
wdac, for example, is used across the millions of enterprise windows endpoints so the result in that poll has little indication of reality
the list of products is determined by the poll creator, there is always bias in such poll
the comparisons in that poll make little sense
Click to expand...

You're talking nonsense.
I was offered Voodooshield but I didn't vote for it!
I have tested Voodoo so much that it is excellent for me. I have also brought up various attack techniques that I know of to make the software better.

And especially that we are a minority of users to have had it as a gift, @danb must be paid for his work
 
  • Like
  • Applause
Reactions: Nevi, danb, piquiteco and 3 others
Andrezj

Andrezj

Level 6
Nov 21, 2022
248
danb said:
Users do not vote for a product because they got a free license, they vote for a product because they think it is the best.
Click to expand...
that is an assumption and hardly correct and the reason that opinion polls are hardly predictive of what is best
best is a generic criteria that can mean a number of things to each user individually
danb said:
they vote for a product because they think it is the best.
Click to expand...
they might think it is best, best can mean any of a number of things to each user, maybe they just like the color of the gui
also it proves nothing if those that voted have not used all the products in the poll, which surely virtually all of them have not so they have no basis for judgment to say voodooshield is best
so again it is merely a popularity contest based upon personal factors
half the people that voted for voodooshield in this poll are not actively using it, so that says something about your product and the polling
danb said:
In fact, someone who received a free license would be more likely to envy a $90 product if it were truly better, and would likely vote in that direction.
Click to expand...
how absurd, you are saying that they would lie in their response to a poll out of envy
danb said:
Not that it matters, VS has not had a giveaway on MT for years, and is not promoted on MT at all.
Click to expand...
you hand out free licenses continuously, you advertise here at mt for people to send you a request, and you use mt as if it is the voodooshield promotion platform
the other products do no such thing, and most users here have never used them

try harder because there is ample evidence posted by your own product users here that it is not that great
 

Similar threads

S
New Microsoft guidance for the DoD Zero Trust Strategy
Replies
1
Views
153
Microsoft Defender
Bot
Bot
vtqhtr413
    • Like
Zero Trust Implementation for Government Agencies
Replies
0
Views
950
News Archive
vtqhtr413
vtqhtr413
Gandalf_The_Grey
    • Like
    • Applause
    • +Reputation
Security News Project Zero: The Windows Registry Adventure #1: Introduction and research results
Replies
0
Views
909
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top