News:

http://www.agnitum.com/news/security-suite-release.php

"- Unified anti-malware. Instead of overloading the system with multiple scanning engines, Outpost’s anti-malware module combines anti-spyware and anti-virus in the same process to deliver low-impact, high-speed, easy-to-use scanning."

Best Regards.
Mike

{QUOTE-> ... Agnitum engineers integrated the unified anti-malware engine into OSS leveraging anti-virus technology licensed from VirusBuster, a Hungarian anti-virus developer that consistently achieves 100 percent certifications from Virus Bulletin. <-QUOTE}

Bad, Bad choice IMO. Even if they have their own state of the art engine, VirusBuster's detection rates leave much to be desired. I do not see this product getting anywhere with this particular vendor's technology.

Other than that it looks good....on paper.

BTW, its not just the signatures of VirusBuster that is included in OSS, its the entire engine:

{QUOTE-> But of course, we chose technology that meets our high standards - VirusBuster has scored 100 % in VirusBulletin many times. Agnitum’s engineers took that award-winning anti-virus engine and integrated it with our anti-spyware engine to create a powerful all-in-one scanner that detects and removes all kinds of malware using a single engine. <-QUOTE}

It may be slightly better than VirusBuster, but Agnitum's AV is not worth looking at now.

Gosh! :o If your a Outpost Lifetime Licence Holder to Outpost Pro 4, like what I am, then you get a huge Discount, I got a Whopping $108.00 AUD Discount and paid only $33.00 for my Suite, for a 3yr Subscription 8)

{QUOTE-> Gosh! :o If your a Outpost Lifetime Licence Holder to Outpost Pro 4, like what I am, then you get a huge Discount, I got a Whopping $108.00 AUD Discount and paid only $33.00 for my Suite, for a 3yr Subscription 8) <-QUOTE}

Great deal! Congrats & enjoy. 8)

My guess is due to the introduction of HIPS it's made Anti-Virus vendors realize they don't corner the security market as nearly as strong as before so they offer these type incentives. Plus the market is bloated heavily with security solutions from all sides that encompass far more coverage of areas previously left for other vendors.

I see it as a Buyers market right now. LoL

After reading an article over at Matousec.com stating that Agnitum tried to fake it's leaktest success I lost a lot of respect for the company. Here is the link: http://www.matousec.com/matousec/blog.php?blog=64-The_interception_of_the_test_did_not_fix_the_problem

Now would seem a good time to mention the Outpost Security Suite 2007 - What to Expect (http://outpostfirewall.com/forum/showthread.php?t=20414) thread at the Outpost forum which tries to cover a few common queries on OSS.{QUOTE-> After reading an article over at Matousec.com stating that Agnitum tried to fake it's leaktest success... <-QUOTE}If you follow Matousec's test results, you will be disappointed with most firewalls since they test process protection which is covered better by the likes of SSM, AppDefend, etc. However this has been pretty well discussed here (http://outpostfirewall.com/forum/showthread.php?t=19438), including links to Agnitum's response (http://agnitumblog.blogspot.com/2006/12/kernel-mode-hooks-or-user-mode-hooks.html). Whether FPR is a "real test" and whether Outpost's changes are a "real fix" comes down to individual opinion ultimately but FPR never worked on my system so I can't consider it a proper test.

It should be noted that other security software uses user mode hooking (with or without kernel hooking) so anyone who decides Outpost (or Agnitum) is "unworthy" on that basis will probably need to discard many of their other security programs also.

{QUOTE->
It should be noted that other security software uses user mode hooking (with or without kernel hooking) so anyone who decides Outpost (or Agnitum) is "unworthy" on that basis will probably need to discard many of their other security programs also. <-QUOTE}Few examples please, especially from the favourites being used here?

Thanks

{QUOTE-> Few examples please, especially from the favourites being used here? <-QUOTE}Anything using MadCodeHook (MchInjDrv.sys) for a start like Online Armor, Spyware Doctor, TrojanHunter, Spysweeper or A2 (though some may no longer be using this now). Anti-virus software like Kaspersky and McAfee use both usermode and kernel mode hooking - indeed any software that intercepts interprocess communications (which includes most firewalls now) needs to implement usermode hooking in order to be able to prompt the user about such actions.

For more information, check out Agnitum's PDF document Kernel mode hooks or user mode hooks – what’s best for the firewall? (http://www.agnitum.com/download/pr/Kernel_mode_hooks_or_user_mode_hooks.pdf) - provides a good outline of the pros and cons of usermode and kernel hooking; The Wilders MchInjDrv (http://www.wilderssecurity.com/showthread.php?t=47024) thread for an example of software using MadCodeHook; The Madshi forum Commercial antivirus/malware programs (http://forum.madshi.net/viewtopic.php?t=3160) thread for an interesting discussion on usermode hooking in security software.

{QUOTE-> BTW, its not just the signatures of VirusBuster that is included in OSS, its the entire engine:



It may be slightly better than VirusBuster, but Agnitum's AV is not worth looking at now. <-QUOTE}

Yep! I told them TWICE now and all I get is flames from the people at Outpost Forums.

JUST TO CLARIFY: Outpost Firewall PRO is the best software firewal, period!

This OSS 2007 while having Outpost Firewall PRO, it's far from an actual Security Suite!
The AV doies *NOT* scan web traffic!
It will allow malware to be downloaded.

I cannot recommend use of OSS 2007 to anyone at this time!

{QUOTE-> Yep! I told them TWICE now and all I get is flames from the people at Outpost Forums. <-QUOTE}The threads in question are here (http://outpostfirewall.com/forum/showthread.php?t=20173) and here (http://outpostfirewall.com/forum/showthread.php?t=20427) - this poster seems to think that an AV must detect malware the immediate instant it arrives on a system and that scanning files on access is not enough.{QUOTE-> The AV doies *NOT* scan web traffic! <-QUOTE}Nor does it claim to - and web traffic scanning is of fairly limited value given how easily malware can be disguised, either with simple Javascript obfuscation/encryption (http://blogs.zdnet.com/security/?p=171) or full https: encryption. Even file scanning has its weaknesses.

Aint worth it, LOL!

Agnitum pooched it, AFAIC. With all of the companies they could have dealt with for developing their anti-malware module they chose VirusBuster?! If I'm an Agnitum adherent, that news is akin to an attack of digital irritable bowel syndrome! Ick! That's my professional (::)) opinion.