Barkly Endpoint security against ransom-ware

Discussion in 'other anti-malware software' started by sukarof, Feb 24, 2017.

  1. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Has anyone tried Barkly, which promises to stop ransom-ware by behavior analysis?

    As I understand it, it will stop the ransom-ware without bothering the user. That would be ideal, since many other behavior tools tend to ask the user to decide.

    https://www.barkly.com/how-barkly-stops-ransomware
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    That second sentence is almost funny. But just keep in mind that by the time that software does anything you are already infected. You'd be better off running Appcheck free, and have a good imaging plan.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    I assume they are referring to perhaps signature detection upon download if scan settings are set for upon file creation. Or, perhaps rep scanning by SmartScreen upon download. Those are the only two I know of.

    Both are redundant, since any AV scanner will again scan upon execution.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Didn't even raise my curiosity to the level of asking for a trial.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    They probably mean they block ransomware in the first stage, see link. Tools like AppCheck and HMPA ignore the first stage and take action in stage 2 when ransomware is about to start rapidly encrypting files. Too bad that these kinds of companies don't offer simple consumer versions.

    https://www.wilderssecurity.com/thr...ternet-security-12.388577/page-8#post-2643761
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    HMPA doesn't necessarily ignore the 1st stage, as some of the exploit things trigger before the cryptguard kicks in. With Appcheck you are correct.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Correct, if ransomware performs process hollowing, or is delivered via exploit, then HMPA shuts it down before it can go to stage 2.
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,882
    $30 per year per device - $2.50 a month plus tax. They offer a 15 day free trial - no credit card needed.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Well, this confirms my feeling. Using certificates to base a decision is about like using Office macros. Also more good reason to just block powershell.exe.
     