Cyberhawk vs traditional Antivirus

Discussion in 'other anti-malware software' started by daniel952, Aug 4, 2007.

Thread Status:
Not open for further replies.
  1. daniel952

    daniel952 Registered Member

    Joined:
    Jul 30, 2004
    Posts:
    71
    Is there any software on the market that does not use signatures that can effectively be used as a replacement for anti virus software? I have heard that Cyberhawk is proclaimed to do this, but I need verification that it works well enough that one could safely use it in place of an anti virus program. I hear that Cyberhawk offers protection from known and unknown viruses, and does not require signature updates.

    Is Cyberhawk effective enough to replace traditional A/V?

    Also, what are some other programs of this nature that I can choose from?
    I am so fed up with maintaining anti virus signatures for an A/V program that doesn't offer zero-day protection
     
  2. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    daniel,

    You can in theory use any "hips" app to prevent intrusion: System Safety Monitor, Pro-Security, EQSecure... These will protect against Zero Day attacks. I would keep an AV to scan D/L'd programs though.

    ...screamer
     
  3. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    You might check AV Comparatives. He had a tests of such applications. Prevx missed 5 samples, and Cyberhawk missed one. None of the others missed any, including KIS.

    My conclusion is that KIS is good enough, but there are some who will disagree.
    http://www.av-comparatives.org/
    Click on the "Comparatives" on the left side, and then scroll down to "Comparative of various protection tools October 2006"

    Make your own choice.

    Best,
    Jerry
     
  4. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: OP's question can be answered right here; CH's front page on its web site at [url dot novatix[/url] dot com. and subsequent pages. The big question lingering after this is: to what extent do you like to believe. I have asked CH to substantiate those claims w/ readable date on several occasions, and still awaiting, to this PC-Tools day. o_O
     
  5. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Do NOT use Cyberhawk as standalone - it is not a full-blown HIPS. It is, however, a very effective complement to an existing antivirus program, much like how Kaspersky's PDM component is to its main signature scanner.

    As a sidenote, Cyberhawk does use a certain amount of signatures. I'm pretty sure they exchange samples with Grisoft, McAfee and Trend Micro, at least, judging by the names with which it identifies known malware.
     
  6. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    CH can't be a real replacement for AV any kind as both are using blacklisting-based technologies.
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Blacklisting is a part of CH, as it does identify malware as known and by name at times. However, I'd say it's misleading if what you meant to imply was that blacklisting plays a major part in how CH functions.
     
  8. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Out of its blacklisting part, it is just a classical HIPS (and, as we can see from NicM's review, not really good one).
     
  9. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Again, misleading both counts. nicM's review does provide useful new information that vendors need to sit up and take notice of, but has, at best, a very limited role in determining the overall effectiveness of a HIPS program. Secondly, CH is not a classical HIPS - it does operate using the same principles (monitor process activity), but puts those principles to practice in a rather different manner.

    I do agree that CH shouldn't be used as standalone security, but for different reasons.
     
Loading...
Thread Status:
Not open for further replies.