What is AppGuard

If I run AppGuard or EdgeGuard Solo as my only security solution (e.g. on a laptop) am I protected from malware infections or do I need signature-based antivirus software to go along with it?

 

i know that appguard is able to protect you in real time but as you know nothing is bullet proof so it is better to be doble layer protected just in case one security is bypass the other one will catch it(antivirus)2 can do better than 1

 

As always, I agree with Jmonge. I would like to add some additional perspective.

A signature-based tool will intercept inbound files and communications that others have previous identified and registered (vendor consortium generates a unique signature, like a fingerprint or photograph). They can literally prevent the inbound malware from ever being processed by whatever application is targeted. For example, before your email application can open a tainted email, the signature-based tool can intercept it. So, with signature based tools, known malware can be prevented from ever 'entering' your working system.

When no signature exists, other tools such as AppGuard, prevent the malice from doing harm after it has entered your working system. So, that tainted email would show up in your Inbox. With AppGuard, if you opened that email or its attachment rather, the malware would attempt to exploit a vulnerability in your email software or some other software (e.g., tainted video to exploit flaw in Windows Media Player, for example). Either way, AppGuard would prevent either your email application or Windows Media Player from being used to implant malware. But, AppGuard would not remove that email from your Inbox.

If you open that media file from your inbox again, same thing happens again. Eventually, a signature-based tool would have a signature for that media file and remove it. This is why you should let your AV run 'Full Scans' in the middle of the night. Full Scans look at files already in your system with new signatures that may not have existed until after those files were in your system.

Bottom line, AppGuard serves as a line of last defense. Layered defenses are the best defense in all things.

One last point for this novel of a post, AppGuard does not and never will interfere with the internal affairs of applications. This is actually a very good thing but thats a rather long discussion too.

In particular, I mean to point out web browsers. There are major fundamental internal flaws within web browsers. These ultimately should be addressed by the web browser and server vendors. For end-users, I recommend using multiple browsers. But, here too, signature-based tools can at least intercept the known malware that operate within the web browser environment. This approach is simpler than dealing with the false positives and other complexities of third party products trying to impose security within the web browser.

AppGuard ensures that malware cannot hijack the web browser to harm the PC. It will not prevent the issues that I mention in blog post referenced in the above paragraph.

Well, you may need some coffee after my post.

Cheers,

Eirik

 

hi Eirik any news or upgrades?thanks again

 

Unless today's QA testing reveals something new, we're looking at tomorrow for the new release.

Anybody will be able to download the software from Blue Ridge and use it for 30 days. We'll be sending out emails with activation codes to each AppGuard user so that new software can be used indefinitely. The new binary will uninstall an old AppGuard found in host and install the new AppGuard.

Cheers,

Eirik

 

cool thanks Eirik

 

Has the new version been tested with/on vista 64?

 

Ditto!
Looking forward to it.

 

maybe we are going to have a new brand appguard

 

Thanks, Eirik on that highly instructive answer.

 

I'm afraid neither AppGuard nor EdgeGuard support 64 bit Vista or XP yet. We may never support XP 64-bit, unless its an easy stretch from Vista 64-bit. I'll post an estimated release date when we have one.

Our chief software architect has been engaging Microsoft on this subject. He mentioned some of his interactions at our staff meeting this morning.

Eirik

 

Question to You All,

One of our interns has been working on a list of other security software products that we have reports of known conflicts or known co-existence. I'd like to post it here for your feedback.

Now for my question, forums such as this one are driven by server software that have polling and survey question capability. Do any of you know how we might leverage such capability to 'poll' you all as to whether your AppGuard installation conflicted with or co-existed with different software security products?

Thanks,

Eirik

 

Hi Eirik,

you can create a poll here.
When creating a new thread, at the bottom of the page there is an option "Post a poll"->"Yes, post a poll with this thread". Activate it and enter the number of poll options you want. (maximum 30)

Panagiotis

 

Thanks, I'll look at this soon.

 

Hi All,

I'm pushing the AppGuard release to Friday. Why? Its not a typical QA issue per se.

Engineering found a way to improve AppGuard USB malware defense. The improvement more precisely targets .inf files on USB devices so AppGuard can more aggressively suppress them without causing unintended consequences elsewhere in the PC, such as with VMware guest operating systems. Previous AppGuard versions were not as aggressive to avoid such unintended consequences. As a result, various environmental factors could result in a malicious USB/.inf file launching on one machine but not on others. The improvement eliminates this uncertainty.

We determined that we could include this in the AppGuard release by delaying it to Friday. Rather than hold this for the next release, I consider this 2-day delay time well-spent.

I apologize for the additional delay. I hope you agree that this one is worthwhile.

Cheers,

Eirik

 

hey Eirik take your time and enjoy a coffee break

 

Yer n make it a big cup to hold of any potential sleep

 

agree 100%,i just got a big cup of coffe and still need another one"man i am coffeholic"man i love coffee

 

I think there is an compatibility problem between sandboxie and appguard. I can't open sandboxie when appguard is installed and i will be given a error message by sandboxie.

 

Same here the one time I tried that combination. This was in Windows 7 of course. Been having a lot of trouble with Windows 7 here lately.

Later....

 

sandboxie and appguard are very happy couple here ofcourse with xp2 and no antivirus

 

Strange.

Can u open a browser(IE, chrome, FF) sandboxed without getting any sandboxie message?? Or did u tweak any setting on sandboxie or appguard?

But i am using vista here.

 

ahhh i use IE6 the old dog maybe thats why

 

Erm.....Maybe.

 

we almost have a similar set up but no
avirawell my signiture is alitle bigger but that's because i have 2 pc's plus i am buying another one