Katie DriveSentry

Uhhh i dont think 1 can compare DS and TF, where TF is a pure behaviour blocker DS is not. DS is an anti virus with HIPS and whitelisting included.

 

What makes you certain that the detection rates of DS will be lower than that of AVs such as AntiVir, Avast, AVG, etc?

What data or sources did you use to come to that conclusion?

 

I don't know for certain... It's just a guess. Considering AntiVir, Avast and AVG are larger companies which have been working on an AV for years, and DS is a new company which is primarily a HIPS.

 

Drive Sentry is an advanced antivirus with file protection, behaviour analysis and HIPS features, that I hope will be emprouved ( i.e.: the ability to create singular rules about allow/block low level disk access, phisic memory access...)

 

Hi Truthseeker,

This is not the fuction of DSGA. DSGA is designed to protect the data upon your device from malware. It does not have an on demand scanner. The function of DSGA is to monitor all access to your device, only allowing good programs to have access to your data.

DSGA can be disabled and re-enabled, but i think there has been a bit of confusion here as i never said that it had a virus scanner. It scans files and programs in realtime as they attempt to access your device but is not designed to scan the PC fpr malware. This is not its function.

kind regards,

kate.

 

Re: Question for Katie

Hi ingem64,

I would personally recommend that you replace Avast with DriveSentry. but i am somewhat biassed. See what you think, you can always swap back if DS is not to your liking but i cant see this happening !!

kind regards,

Kate.

 

DriveSentry is AS THE WEBSITE STATES : 'next generation antivirus'. It combines HIPs technologies with antivirus, antispyware and innovative whitelisting technology. For the less tech savvy people we just call it 'next generation antivirus' because its main aim is to combat viruses and keep your system and data safe from infection. .

Although in theory it is not JUST AV, it is the NEXT generation of AV as we like to call it as the traditonal AV products just dont cut it anymore!

I hope this helps...

 

I doubt that the detection rate of DS would ever be lower considering DriveSentry's blacklist alone contains just as many unique virus signatures if not more than Symantec.

DS monitors all access to your system and data

It automatically detects and quarantines over 1.3 million known viruses.

It automatically allows access to whitelisted programs

a popup notification is triggered when anything from the grey area of unknown programs attempts to access your drives. This notification contains advice from the Advisor community and a potential threat score based on the programs behaviour and characteristics.

IN SUMMARY, DRIVESENTRY ONLY ALLOWS ACCESS TO GOOD/TRUSTED PROGRAMS...it does not simply rely on a DB of blacklisted programs as with traditional AV.

Therefore it protects you from the known and the unknown unlike tradional AV which only protects you from a DB of viruses that it knows about which is often outdated.

thanks

Kate.

 

Thanks Ges/Por!!! you hit the nail on the head!

 

Somone,

Your guess would be wrong im afraid.

DriveSentry has one of the largest blacklists in the world of AV with over 1.3 million unique virus signatures. In just three years DriveSentry has equal to if not more virus signatures in its database to that of Symantec.

So with the combination of blacklist (AV), whitelist, Community protection and HIPS technologies, DriveSentry provides one of the most secure solutions for your system and data.

I hope this helps.

kind regards,

kate.

 

How many people work in AntiVir, Avast and AVG?

And how many people work in DS?

Surely you must know the figures to come to that conclusion and to make those comments?

 

kate, gotcha. I fully understand. But what confused me was that when I installed DS it has a SCAN function, so naturally I assumed it would check for virus etc. So why does the version I installed have a "SCAN" function?

What does the SCAN do then?

 

I AGREE

That's why I use Linux for all my secure activity, netbanking and browsing and installing new applications etc. The reason is because Windows and the current AV's just dont cut it, and are useless to all the newly released virus, malware, etc. For example, there are many new threats released by the evil programmers every day, and by the time the AV companies get a hold of it and release it in their AV definition, the damage has been done.

So if DS gets working properly with Truecrypt containers, then I will start using DS and Windows more.

But at this stage I am unable to use DS as it has problems with my TrueCrypt container.

 

Kate yeah spot on!! And I think your biggest challenge, from a marketing point of view, is getting people to become fully aware of exactly how DS works and how it's more effective than traditional AV's. Your biggest challenge is getting people fully understanding how it works, and how it's better through the reasons you mentioned above.

I think most people who try it may stop using it because they think it works like any other AV.

So Kate, I hope you are able to educate the public on the difference between DS and AV's and how it is much better to use as it picks up even unknown threat activity, where traditional AV's don't.

Kate, you really should consider adding a section to your website that explains in VERY EASY LAYMAN TERMS exactly how DS works and how it's better than AV's. Don't assume everyone understands by just downloading your program. I think it's a very critical mistake to assume that by you and your company, and you are potentially losing many customers because you have not succeeded properly in explaining the program and how it works. I would add a very simple FAQ or something to your website, ASAP, because realise that you usually only get one chance with people, and many who download your program and use it under wrong assumptions and then delete it, will never come back to your website again and never use DS again, because they had a wrong interpretation of the programs functions and the way it operates. So explain it in easy child like language and then everyone will fully realise and understand how DS works.

 

I think all the vendors have their own way of counting malware, so IMHO that doesn't mean a lot.

Don't get me wrong, I think DS overall is a great application. I'm just saying personally, I think their AV component by itself needs more testing (e.g. av-comparatives, av-test) before I'll rely on it as my one AV.

 

Someone, you make a valid point but I think some of that is from a learned behavior.
We started out with computers and were always led to believe we needed a good av.
If you read thru these forums you'll see that alot of our posters do not use an av any more.
They took the next step,to the HIPS, the next generation of av's.

DefenseWall, DriveSentry, SSM, E-Square and a host of other hip programs have taken their place.

If I understand DS, it is not advertised as an av but as a next generation av. which can take the place of the av you have or can run along side of it, if you feel the need to.
DS is a HIPS and basically protects your system against any changes that could be made to it by any virus, trojan, maleware or other nasty.
It is not an av as such and therefore could not be tested as an av.

Right now I am running DS without an av.
If I decide to keep it, I will pay for the update as a matter of support for their work.
Stay Tuned.

 

But DS has the ability to detect unknown virus activity, other AV don't. And gives option to only allow selected programs access to your HDD. That makes DS light years ahead of any AV and will protect a user where AV's won't.

 

DS makes a lot of claims, but it has not signed up for testing by Virus Bulletin, or AV-comparatives, or AV-test.org, or PCWelt, or any other reputable test lab that I know of. All the other AVs that DS claims to equal or exceed HAVE voluntarily submitted themselves for testing.

I hope DS does submit itself to objective testing. I WANT it to succeed. I WANT it to be as good as it claims to be. However, I never recommend my clients or students to use an untested program that purports to be an AV.

As to its being an AV -- why did Katie put it in Wilders anti-malware category (along with other HIPS) instead of in Wilders antivirus category? Why won't M$ Security Center regard DS as an AV?

Hey, before all the DS fanz go into attack mode, I am NOT aiming to shoot holes in DS. Frankly, I think DS is good enough & stable enough to be objectively tested. If it refuses testing, then IMO it should cease to make claims {as in Katie's post #508} of being as good or better than AVs which HAVE voluntarily been tested.

NOT so!

Most major AVs have extensive zero-day coverage in terms of heuristics, behaviorists, & even full-on HIPS. Examples include but are not limited to KAV, Norton, AVG, Comodo fwp, Twister, Rising -- many others. Further, those AVs have submitted to pro-active testing. DS has NOT submitted itself. All it has done to date is offer unsupported claims by its marketing organization & its fanz. If DS claims to be better than antivirus programs, then it should submit itself to being tested along with those AVs using actual databases and not mere assertations.

By the way -- I expect DS will do well if/when it submits to testing. But unsupported claims, in the meantime, come perilously close to being marketing puff.

 

Do AVG, Avast and AntiVir do that? If not, then I have made a valid point as those 3 have millions of users.

 

Avira has superb heuristics for zero-day. I am not familiar with AVG in those areas. Your statement was MOST Avs. I showed several top-tier AVs that have HIPS &/or BBs &/or heuristics to cover zero-day threats -- as measured by proactive tests.

In my previous posts I forgot to mention BitDefender, which now has excellent HIPS-type module. There are others that have HIPS or BB or extremely enhanced heuristics -- I hear that Avast's entry is very close to going beta -- but I haven't time to check them out right now & I prefer not to make unsupported claims.

To see some of those 0-day indicaors, goto HERE then click "Comparatives" in left-side column then scroll down & check the reports for lines 2, 4, 6, 8, 10, 12 ,14, 16, 18 (Retrospective/Proactive Tests). Be sure to read the testing methodology in the intoductory paragraphs for those tests -- it offers a decent methodology for measures of zero-day. (Sorry for the convoluted link/guidance but Andreas won't allow direct links to his tests.)

Also check HERE & go to "Viruses" in left-hand column, then click to Daily, Weekly, etc -- these give good (but raw) measures of zero-day effectiveness for several AVs.

By the way, truthseeker (TS), the HIPS with Rising AV are so good that Kees1958 pretty much prefers them to any other classical HIPS now extant. Do a "dual" advanced Wilders search with "rising" in the left-hand search box, & "Kees1958" in the right-hand search box. It's good stuff written by Kees -- a tester/user who is well advanced beyond me & most others here.

Hey TS -- I LIKE DS, but I feel that Katie needs to tone down her claims a bit until she has actual test data showing what DS does in comparison to full-scope AVs.

 

I know AVs aren't essential, but for most average users it is a good line of defense. And personally I like to have something to verify that files I have downloaded are clean, i.e. an AV. And I would prefer something "tried and tested" which is why I would trust something like AntiVir more as my antivirus.

This sounds like it is also an AV to me.

 

I disagree with this: real protective defense is multilayered defense, so there is not an only kind of program that can once and for all protetc a system. So we need surely an HIPS, but we need also an av, a sandboxing or virtualising sw, a router as well as sw firewall..
p.s.: I love DriveSentry.

 

And DriveSentry loves you

 

I am a little confused. Drivesentry desktop has an on demand virus scanner and a realtime scanner. DriveSentry GoAnywhere has a realtime scanner which works in the background when a file attempts to write to your device. This is not visible to the user.

I dont understand how you can see a scan facility using Drivesentry GoAnywhere as it does not exist!!

Please let me know.

kind regards,

Kate.

 

Bellgamin,

I agree with what you are saying as this is a valid point. We have applied for VB100 so are waiting for a response.

Im sure that we will have the evidence to back up my positive words very soon.

kind regards,

Kate.