Jump to content

Behavior Blocker


Behavioral Security  

9 members have voted

You do not have permission to vote in this poll, or see the poll results. Please sign in or register to vote in this poll.

Recommended Posts

I think a behavior blocker would be a step in the right direction, better detection rates for sure! What is the point of having a second opinion malware engine if most AVs these days already use them?! Including a behavioral module would surely increase our detection of zero day threats too.

Link to post
Share on other sites

Good, but low sensitivity. I have tested it against tons of samples... only two were detected with it. Plus heuristics is old school, not saying it's bad just saying if we want to compliment an AV that is probably already using a form of heuristics we might as well do it right! Behavior blockers have a history of just being better as well. They don't need code from another malware sample to do their job... just suspicious activity is enough! It's like this:

A cop that looks for fingerprints at a crime scene is looking for signatures, a cop that looks for the way someone looks is looking for code, a cop that looks for behavior... well that is pretty self-explanatory. Therefore it just makes sense that behavior blockers work better, and just look around you'll see that heuristics (sadly) is coming to a close like pretty much all conventional AV stuff.

P.S. Just found out that MBAM is working on a behavior blocker for an upcoming build! Sweet!

Link to post
Share on other sites

P.S. Just found out that MBAM is working on a behavior blocker for an upcoming build! Sweet!

That's great news!

As an aside, I noticed via your signature that you use CIS Premium. I too considered using this but I remember reading on their forums that there seems to be a problem running CIS alongside MBAM PRO. Have you encountered any issues?

Link to post
Share on other sites

I am testing it now, and I haven't noticed any issues. Running XP SP3, 2GB RAM. There are some problems with training HIPS in CIS though, and of course the new build comes with nagware (First boot, and detection on demand) but I don't really care about that... expected out of every free product. I think I'll go back to avast free with privatefirewall. I wouldn't recommend CIS especially on a shared computer, other users may not even know what HIPS is let alone know how to deal with the pop ups.

Link to post
Share on other sites

P.S. Just found out that MBAM is working on a behavior blocker for an upcoming build! Sweet!

If they make this, I will probably dump it for personal use. MBAM is preffered because of the way it is now - simple, still not very big and able to work with antivirus. MBAM is not a security suite and I wouldn't prefer its bells and whistles, I want it and like it the way it is now.

Definitely NO for me.

Link to post
Share on other sites

I think if we ever did create something like this (and that is a very big IF), it would either be a totally separate program/product, or would be a completely optional add-on/plugin for Malwarebytes' Anti-Malware PRO. I personally am not a big fan of HIPS/behavior blockers as I find them to generally be far too complex to use for normal users.

Link to post
Share on other sites

I think if we ever did create something like this (and that is a very big IF), it would either be a totally separate program/product, or would be a completely optional add-on/plugin for Malwarebytes' Anti-Malware PRO. I personally am not a big fan of HIPS/behavior blockers as I find them to generally be far too complex to use for normal users.

Finally - some good news from exile360 :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.