Jump to content

Behavioral Blocking / Analysis Features In The Future?


Malcontent

Recommended Posts

Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce."

 

As for 0-day, MRG's Flash tests to date puts Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component.

Link to comment
Share on other sites

Guest Mature

Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce."

 

As for 0-day, MRG's Flash tests to date puts Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component.

 

 

 

Not exactly ,generally saying heuristic can be categorized into two types --- Static Analysis and Dynamic Analysis,Static Analysis bases on analyzing file architecture with algorithm ,Dynamic Analysis major access the file actions and give a suggestion,they are two different technology and have each own advantages.Immunet heuristic is major Static Analysis maybe there's virtual machine to perform Dynamic Analysis too,but neither of them is what I asked for.

 

Behavior Blocking /Pro-active Protection/HIPS component are becoming popular since so many market vendors have developed their own Behavior Blocking /Pro-active Protection/HIPS component,Immunet should consider this for further development.

 

 

 

 

 

Link to comment
Share on other sites

Yeah. Whatever. Good luck with the asking.

 

My reply targeted the original post where I sensed Malcontent's concern that Immunet lacks any behavioral functionality whatsoever.

 

Immunet's core process as delivered by Ethos and Spero is all about behavior and behavior alone.

 

As to it being this analysis or that analysis or that other analysis is a discussion that's a waste of time and bandwidth - a behavior I'm ceasing as of right now.

 

Immunet is for those who seek other than what "so many market vendors have developed" and who've concluded they've succeeded and will continue to excel.

 

EOF

Link to comment
Share on other sites

If a PC user is concerned about 0 day vulnerabilities there are third party applications one could use as an added layer of protection such as Emsisoft's Mamutu which is a dedicated behavior analyzer/blocker. There are also a number of apps that use a HIPS approach incorporated into the program such as Comodo Internet Security's Defense+ and SpywareBlaster to name just a few.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...