Introducing EdgeGuard Solo Beta (zero-day malware defense)

Discussion in 'other anti-malware software' started by Eirik, Oct 10, 2008.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    to be exactly close it is similar to Amust 1-Defender;)
     
  2. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    I don't have an exact date for the new release of EdgeGuard Solo this month. I'll post it as soon as I can. Thanks for asking.

    Cheers,

    Eirik
     
  3. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    {Edit: Whoops, missed the date on Kees's questions. Well, I hope answering twice is better than once.}


    To be a bit more precise, the user's privileges are unaltered. And, from the perspective of the token issued to a process by the application, this too is unaltered. EdgeGuard Solo includes a driver that intercepts file system (includes registry) actions. It blocks 'guarded' applications from performing write operations in 'sensitive' places.

    When a 'guarded' application spawns an executable or an ActiveX control, EdgeGuard Solo dynamically applies the same blocking actions to any write operation attempts they attempt.

    The current version of Solo does not yet do this. The soon to be released version will. It will block any executable launch from user-space that is not 'guarded' by EdgeGuard Solo. So, it will block user-initiated launches from user-space too because of social engineered attacks. The user can suspend download protection for a timed period to launch something. Or, the user can add the item to the 'guard' list.

    EdgeGuard Solo does not trust applications, which is why it guards them. Because it is a self-service utility, it does not guard the end-user. Though, one can make a reasonable argument for doing so.

    Generally speaking, EdgeGuard Solo blocks write operations by guarded applications to what we call common malware targets: HKLM, select HKCU keys, and select Windows directories.

    Please let me know if you would like additional information.

    Cheers,

    Eirik
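
The behaviour described in the post above (write blocking for guarded applications, guard inheritance by spawned children, and blocking unguarded launches from user-space), modelled as an added example that is not part of the original post and is not Blue Ridge Networks code. The specific HKCU key, the Windows directory, the user-space roots, and all process ids and paths are assumptions, since the post does not list them.

```python
from dataclasses import dataclass, field

# Assumed policy values: the post names HKLM, "select HKCU keys" and "select
# Windows directories" without listing them, so these entries are illustrative.
SENSITIVE = [r"HKLM", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", r"C:\Windows"]
USER_SPACE = [r"C:\Users", r"C:\Documents and Settings"]


def under(path, roots):
    # Component-aware, case-insensitive prefix match, so a sibling such as
    # C:\WindowsOld is not treated as being inside C:\Windows.
    p = path.lower().rstrip("\\")
    return any(p == r.lower() or p.startswith(r.lower() + "\\") for r in roots)


@dataclass
class Guard:
    guard_list: set                                  # image paths the user chose to guard
    guarded_pids: set = field(default_factory=set)   # live processes under guard
    launch_protection: bool = True                   # False while the user has suspended it

    def on_launch(self, pid, parent_pid, image):
        """Return True if the launch is allowed; record guard state for the new pid."""
        listed = image.lower() in {g.lower() for g in self.guard_list}
        if under(image, USER_SPACE) and not listed and self.launch_protection:
            return False                             # unguarded executable in user-space
        if listed or parent_pid in self.guarded_pids:
            self.guarded_pids.add(pid)               # children inherit the parent's guard
        return True

    def on_write(self, pid, target):
        """Return True if the file or registry write is allowed."""
        return not (pid in self.guarded_pids and under(target, SENSITIVE))


def demo():
    # Constructed event sequence; pids and paths are made up for the example.
    g = Guard(guard_list={r"C:\Program Files\Browser\browser.exe"})
    return [
        g.on_launch(100, 1, r"C:\Program Files\Browser\browser.exe"),  # guarded app starts
        g.on_write(100, r"C:\Users\kim\Downloads\a.zip"),              # non-sensitive write
        g.on_write(100, r"HKLM\Software\Vendor\Setting"),              # sensitive: blocked
        g.on_launch(101, 100, r"C:\Windows\System32\cmd.exe"),         # child inherits guard
        g.on_write(101, r"C:\Windows\System32\drivers\x.sys"),         # blocked via inheritance
        g.on_launch(102, 100, r"C:\Users\kim\Downloads\setup.exe"),    # user-space launch blocked
        g.on_write(200, r"C:\Windows\Temp\log.txt"),                   # unguarded process
    ]
```

The token and user privileges play no part in the decision, which matches the post: the verdict depends only on whether the calling process is guarded and where the write lands.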
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Thanks, and let us know please, Eirik.
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Hmmmm, don't forget me, don't forget me.

    Something tells me a storm is coming and Geswall and DefenseWall, you got some competition.;)

    Nuff said for now.
     
  6. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Been waiting for the new version also. I think I'll go ahead and try the current version in the meantime.
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    It is already January. Is the update ready for download yet, Eirik? Thanks :thumb:
     
  8. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Is this the reason Google Chrome is not protected according to your website?
     
  9. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Hi Guys,

    Instead of you all continuing to wait for the next EdgeGuard Solo release, I’ve been authorized to give a free copy of AppGuard to all registered EdgeGuard Solo Beta users. This is in lieu of a January release of EdgeGuard Solo that I had expected.

    If you’re not yet registered, there’s still time (Sunday night). Registered users will receive a download link via email.

    AppGuard offers the same features as EdgeGuard Solo plus more. Many of these additional features are based on feedback from the Wilder’s community regarding EdgeGuard Solo:
    • Drive-by Download Protection (prevent executable launches from user-space)
    • USB Malware Defense
    • Alerts and Logs (AppGuard populates Windows Event Logs)
    • Guard applications running from user-space (e.g., Google Chrome, GotoMeeting, etc.)
    • Self-protection
    • Embedded Help
    We’re building AppGuard to stop most malware threats but be easy and quiet enough for novice users to employ happily.

    Cheers,

    Eirik
     
  10. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Yes, the EdgeGuard Solo Beta could not guard applications running from user-space. AppGuard can do so.

    Eirik
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Good news, I was waiting for you to reply again, Eirik :thumb: Thanks again. I am a registered user; do I have to register again? I haven't heard anything about AppGuard.
     
  12. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    Got my email thanks Eirik.

    I never had to register again jmonge :thumb:
     
  13. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Shouldn't be necessary. If you (anyone already registered) haven't received an email about AppGuard, please let me know at eiverson@blueridgenetworks.com .
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I just got my copy like 5 minutes ago, this is very cool ;) Good job, it is more complete than EdgeGuard :thumb: A lot of protection included, love it ;) Thanks Eirik :thumb:
    Note: I like the tray icon notification :)
     
  15. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    I just registered, now how do I get the license for AG?

    Impressive :thumb:

    Very interesting and definitely the right approach :thumb:

    Best regards,

    Ges
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    This is freaking cool ;) especially the flashing GUI in the tray icon :)
     
    Last edited: Jan 23, 2009
  17. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I second that. It just asked me for an email, right? I hope I didn't miss something...
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    They will email you soon, enjoy man, this is cool stuff :thumb:
     
  19. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Just an email is needed.

    There may be a delay in your getting the download link.
     
  20. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    K, I got 2 emails of the same, but it's not a license - it's a temporary download link, so if I'd happen to reinstall the OS then no more AG
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Save the download file ;) not the link
     
  22. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    LOL I know, but I'd rather get a license in my inbox c
     
  23. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    There's an embedded help guide in AppGuard. It's easy to miss. I debated making it automatically open upon first use. I'm confident you'll find it useful. I believe I kept it fairly free of vendor-fluff.

    Cheers,

    Eirik
     
  24. fredra

    fredra Registered Member

    Joined:
    Jul 25, 2004
    Posts:
    366
    I am registered, however, no email as yet AND "blueridgenetworks" is not loading.
    "sighs"
    Cheers :D
     
  25. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thank you Eirik, I got the mail and installed it. I disabled Comodo's D+ and ran Comodo's leak test (after adding clt.exe to the list). Unlike EdgeGuard Solo beta, which for mysterious reasons never blocked anything in that leak test, with AppGuard, the results were encouraging!

    http://img136.imageshack.us/img136/2757/84713742in1.png

    Of course the ICMP and DNS are due to Comodo's firewall.

    The funny thing is now that even though I "deleted" clt.exe from AppGuard's list, it will now not even allow clt.exe to execute and also says so! It says "Prevented from launching" and clt.exe itself says "it isn't a valid win32 application". Bug? I don't know. Seems so.

    Anyway, it has much potential. It's like a mini-DefenseWall. And the best part, it seems to use very little to no CPU! I love it! It's a good addon for people that don't like classical HIPS! The clt.exe blocked thingie has me a little concerned about bugs, but on my next HIPS-less setup, I will run AppGuard definitely! I love apps that don't eat CPU! :thumb:
     
    Last edited: Jan 23, 2009