SSM or CyberHawk?

Fellow Creatures,
I want to add one of these. I do not really want a firewall on "My PC" (see below) I am behind a NAT Router which of course blocks all inbounds and as you can see and many will know I am a loyal BOClean user. Another words I like my set up.

Opinions and advice? Thanks.

EDIT: I do mean the free. SSM 2.0.8.583 and CyberHawk Basic.

 

I always run BOTH together with absolutely no issues to report.

You can display the SDT Table with RKUnhooker and you will see which lines of coverage they both position at. I never experienced any overlap of coverage that might be of concern when both were resident.

 

yup! you can use both but i migrate from SSM (i know its more powerful) to cyberhawk because im too dumb for SSM. but i combo it with sandboxie.

but the two products is very good.

 

Thanks for the replies. By the way I am not being lazy I have been searching the forum for older threads on this for several hours. There does seem to be much on these.

Like here: https://www.wilderssecurity.com/showthread.php?t=152500&highlight=dynamic Security Agent

But I also learn that CyberHawk seems to have screwed up by starting into blacklist instead of just sticking to behavior. Yea understand, after all I have BOClean for the sigs. based stuff. I guess CyberHawk is going to get Bloated. Perhaps getting an older version is the way to go.

Looks like DSA (Dynamic Security Agent) holds a lot of promise. Perhaps it is just to early to be getting into this HIPS stuff yet. (See BLUES Comment in post 18 in the above link). It looks like SSM is the most mature. Many say it was just to much for them. so then again my focus turns to DSA or perhaps I should just wait on all of this a little longer. Oh well if I decide to do that it's been a real education.

I still welcome more postings. Appreciate. Thanks. MERC.

 

Having not ever used Cyberhawk I cannot comment on it. But I can say that I very much like SSM, althought I have the non-free version. I find it to be a very capable addition to my security software. It does take some getting used to, but it is well worth it. I have it set to "prevent termination' of my security apps, which is just another way I know, with SSM, I'm secure.

 

Hi Mercurie--

Just want to clear up any misconception about Cyberhawk.

It does NOT rely on a blacklist to block malicious behaviors. It relies strictly on behavior-based detection to block any malicious or suspicious behaviors.

If Cyberhawk detects behavior that it would normally alert on, then it will perform a second check to see if this particular behavior matches any known malware on our blacklist. In this way we can help make certain user interactions with Cyberhawk more straightforward--automatically block a known bad behavior, present the actual name of a malware, automatically quarantine it in our Pro version, etc. The blacklist check though is always secondary to the initial behavior-based detection. If we detect malicious behavior and do NOT match it to any item on our blacklist database, then we will still alert and block the behavior in question.

BTW, since this is not a traditional signature-based blacklist we're able to keep the footprint of the database very small and we do not expect the blacklist to contribute to any "bloating" of Cyberhawk.

Hope this helps understand the product a little better.

Kind regards,

Becky Dubrow

 

Thank you for your reply Becky it is helpful.