Behavior based analysis product?

Discussion in 'other anti-malware software' started by hex_614, Jul 30, 2008.

Thread Status:
Not open for further replies.
  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Comodo's firewall includes Defense+, a full-scope *classic HIPS*. OnlineArmor is also a classic HIPS. Neither Defense+ nor Online Armor is a "behavior blocker," per the rigorous definition of that term.

    very very generally...

    1- A classic HIPS is much more configurable than a behavior blocker. Thus, a classic HIPS requires the user to make MANY decisions on an action-by-action basis for EACH individual application. Because of its high level of configurability, a classic HIPS is a superb security tool for a user who has the diligence to configure it carefully and correctly.

    2- A behavior blocker is much less configurable than a classic HIPS. Instead, a behavior blocker has the "AI (artificial intelligence)" to monitor, not only individual actions by any given application, but also to monitor a SERIES of actions by any given application. Through this & other methods, a behavior blocker can make some decisions on its own, & thus will not offer nearly so many pop-ups as a classic HIPS.

    Which is better? If you have some security know-how, &/or you want to learn more about security, then classic HIPS is the answer. If you want a set-it-forget-it security, behavior blocker is probably closer to what you want.
     
    Last edited: Aug 1, 2008
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.