Malcontent Posted June 30, 2011 Report Share Posted June 30, 2011 Any plans to add behavioral blocking and/or analysis to Immunet in the future? I feel that it would improve Immunet's protection for 0-Day malware. Link to comment Share on other sites More sharing options...
Guest Mature Posted June 30, 2011 Report Share Posted June 30, 2011 I've suggested this long time ago~~seems this won't happen soon Link to comment Share on other sites More sharing options...
dallas7 Posted July 1, 2011 Report Share Posted July 1, 2011 Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce." As for 0-day, MRG's Flash tests to date puts Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component. Link to comment Share on other sites More sharing options...
Guest Mature Posted July 1, 2011 Report Share Posted July 1, 2011 Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce." As for 0-day, MRG's Flash tests to date puts Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component. Not exactly ,generally saying heuristic can be categorized into two types --- Static Analysis and Dynamic Analysis,Static Analysis bases on analyzing file architecture with algorithm ,Dynamic Analysis major access the file actions and give a suggestion,they are two different technology and have each own advantages.Immunet heuristic is major Static Analysis maybe there's virtual machine to perform Dynamic Analysis too,but neither of them is what I asked for. Behavior Blocking /Pro-active Protection/HIPS component are becoming popular since so many market vendors have developed their own Behavior Blocking /Pro-active Protection/HIPS component,Immunet should consider this for further development. Link to comment Share on other sites More sharing options...
dallas7 Posted July 3, 2011 Report Share Posted July 3, 2011 Yeah. Whatever. Good luck with the asking. My reply targeted the original post where I sensed Malcontent's concern that Immunet lacks any behavioral functionality whatsoever. Immunet's core process as delivered by Ethos and Spero is all about behavior and behavior alone. As to it being this analysis or that analysis or that other analysis is a discussion that's a waste of time and bandwidth - a behavior I'm ceasing as of right now. Immunet is for those who seek other than what "so many market vendors have developed" and who've concluded they've succeeded and will continue to excel. EOF Link to comment Share on other sites More sharing options...
ritchie58 Posted July 5, 2011 Report Share Posted July 5, 2011 If a PC user is concerned about 0 day vulnerabilities there are third party applications one could use as an added layer of protection such as Emsisoft's Mamutu which is a dedicated behavior analyzer/blocker. There are also a number of apps that use a HIPS approach incorporated into the program such as Comodo Internet Security's Defense+ and SpywareBlaster to name just a few. Link to comment Share on other sites More sharing options...
Jose_Lisbon Posted July 5, 2011 Report Share Posted July 5, 2011 If Immunet will continue to be compatible with more traditional AVs (I hope so) it's better not to add too many features. Better to work on RAM usage (far too high) and the ocasional CPU peaks. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.