BluePoint Security product Q&A

so did it detect the 200 samples or not?thanks

 

it will be nice to have a pasword protection againts settings modification

 

As I have posted before:

 

i see

 

for the scaning settings remenber to change from executables to all files and then run the scaner

 

I watched Matt's videos and I understand the point he and others are trying to make, that an average user won't know whether to allow or deny.

But, the file description is saying it's 'unknown', which means, running an unknown program that isn't common, is a risk right? But average users don't think this way.

I agree the default option should be to 'deny'. And then a user could access the history of deny/blocked applications and decide whether to run this program.

I'm yet to try out this program, but I think it's main strength would be when you're visiting a web page and something tries to load in the background. When you see the allow/block alert, you'd realise something tried to load, click on block and get off the site.

But as jmonge said, give the program a go, provide feedback, and you might end up having a program you've really wanted.

 

if people dont want an alert notification,just disable it and malware can not run,i am testing this alerting off as we speak i tried to run a malware sample and no totification nothing run and now i am scaning and gues what the scaner pick it up in real time it was on hold :0

 

Absolutely and this is the way "most" of the infections I see occur.

Again glad to see the testing going on. Keep in mind, you really need to use your best judgement when allowing things outside of a lab/vm. As someone mentioned above, if your surfing around and you see x34532.exe popup with an allow/deny...well hopefully you know what to do there. We may end up changing the way the allow/deny works in the future and we'll have password protection soon.

It's pretty easy to muck things up in the lab by allowing everything then trying to cleanup (not a bad test though).


Just an idea:

Load up a clean VM

Then pass every drive by/malware site you can find attempting to infect the vm (clicking deny of course or set the settings to silent)

and or attempt to run malware from folders on the desktop


That's really the strength of the product, even though the decision is yours, your always given one.

 

ofcourse drive by downloads are the modern malware attacks of this timeespecially when websites(legit websites)are compromise

 

i personally have this silent and run a scan later to see what was put in jail
i noticed that when Blue Point is in silent mode,also prevx is silent and when i dont have it silent i get two alets one for Blue Point and the other one from prevx

 

i guez matt forgot to explain in his youtube video that BP has a silent mode so papa and mama dont get bother by the pop ups so matt if you are reading please re-test

 

1. Is the white-list only based on your own definitions and not on any risky white-listing methods like Digital Signatures?

2. Will it detect malware that disguises itself for example through a picture-file? Discussion about this type of threat was active very recently if not still active.

3. Is blockage of new versions of trusted software completely avoided through your white-listing of trusted vendors?

 

Which operating systems does it support?

Dave

 

From a BluePoint email I received.


"We support Windows XP up through Windows 7 (32 and 64 bit)"

ds

 

Correct

 

Few more screenshots...

 

Saraceno

You beat me to the punch! New version out guys, 1.0.0.66. It will auto update of course, or simply click update.

-Allow/Deny alerts have changed, more informative to the user as to the risk level of the item attempting to execute
-Overall memory utilization reduced
-A few issues were corrected when scanning large (100k+) numbers of threats


BluePoint is currently being tested by an independent research firm as we speak, alongside of a handful of other products. Real-time prevention as well as detection rates will be published shortly. I'll let you know as soon as they are released!

Thanks!

 

cool i was about to complain about a memory leak ,i am running to update to this new version,thanks again

 

this new changes are very cool changes indeed,i noticed that it blocks/deletes malware without the user interaction good job buddy

 

yes i noticed this also,may be cause the database is on the cloud

 

this program is getting better and better in a short time,keep up the good work

 

Correct, this delay is dependent on your internet connection speed. Of course, even before the analyzation is complete, the threat never has a chance to execute (unless you override!).

Our license activation process is similar to Microsoft's, we take a look at key hardware, that's how we knew about the vm/when you reinstall the product. No personal information is collected of course!

Glad to see everyone testing things out, hopefully you find it as affective at preventing the nasty stuff as we do!

 

New articles about BluePoint Security!

What makes BluePoint Security different?

http://www.bluepointsecurity.com/node/93


How many security products do I need to protect my computer?

http://www.bluepointsecurity.com/node/92

 

nice reading thanks