Re: I applaud Prevx’s openness to sharing information Bonsoir, As I do not wish to start a new thread I follow this one by renamming my post PrevX: "the good, the bad and the ugly" *THE GOOD -value for money: for 25 euros, the end users have a very good level warranty of efficiency, much more than av users have never had (some av like Norton have been sold in the past for about 60 euros, with a colander like protection). -reactivity: i've seen more evolution in PrevX product in 4/5 years than in some av in 15/20 years. -HIPS for the mass: as an HIPS militant veteran, i have always been convinced that this kind of product is knowledge based discriminative, and by this way,are only valuable as a niche market. Like Sandbox/virtualization HIPS such as DefenseWall or Sandboxie, Prevx has finally find the right mix between ease of use/usability and effectiveness.. -Good support according to some read here, close to the end customer like most small editors, ETC. *THE BAD: externalization of security via the in the cloud architecture First of all a little reply to EraserHW: https://www.wilderssecurity.com/showpost.php?p=1440630&postcount=18 I do not use PrevX (sorry but I don’t need it), and have nothing in particular against this product. My various allusions to PrevX is a condemnation of the marketing department, not of the dev. Team ( making an HIPS made simple is really a good job, much more difficult than simply monitoring Zw* or Nt* API…). And if I do not know how it works…well I am aware of the in the cloud approach before its application for PrevX: Some research have already been published: http://www.eecs.umich.edu/fjgroup/cloudav/ And TVRProtect (TrendMicro Engine) or AV as a service exist since about 3 years: http://www.trvprotect.com/ No need forensic linguistic: the word “If” makes your comment already lapsed or "void ab initio". I am in the sceptic side regarding the in the cloud approach ( http://www.crn.com/security/216900442;jsessionid=ZQ4T21CWZ2DBQQSNDLOSKH0CJUNN2JVN ) As a security purist, I believe that more the level of control on the Security process is high, and more it is possible to mitigate risks of Insecurity. Quite incompatible with Security As a Service (SAS). “In the cloud” is currently a trendy word (http://www.maigretsblog.com/wp-content/uploads/wallpapers-windows-seven-hd-57.jpg no doubt that it will be used also for in the cloud sex by space tourism agencies!) which has seen the foundation of its corporation recently. This approach is just an evolution, and not the revolution that is presented by some marketing departments. This server/side security architecture makes the impact of the product more light on host client machines, and reactivity to zero day malwares /threats much more fast. No doubt. But there is some real things about we need to worry -impact on bandwidtch, -privacy invasion that make this approach uninteresting for critical and high tech firms and infrastructures (no trust in any firm since there is no independent inspection of the data centers), -legal implication of the required connection (real case that occurred to a columnist and translator friend: a client has given a usb key for translation, and when working during a train trip, he was infected by an autorun worm: as there was no internet access in all TGV 2 years ago, what could be the responsibility of the SAS provider/PrevX in such case? What about possible DDOS against PrevX as it was the case in the past for more larger antimalware editors and giant companies like EBay , Amazon or MST… More over is it really credible to think that any sophisticated heuristic engine helped or not by an in the cloud “technology” can be a replacement to human decision, or can be more effective than locked systems in an isolated network architecture?