PrimaryResponse SafeConnect Beta is now open

Discussion in 'other anti-malware software' started by jeremy_pickett, Oct 28, 2008.

Thread Status:
Not open for further replies.
  1. jeremy_pickett

    jeremy_pickett Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    11
    Sana Security would like to invite you to participate in beta program of our flagship client security software, PrimaryResponse SafeConnect. The beta program is for version 3.5 which has a number of new features, bug fixes, and product enhancements.

    What's new in 3.5 Beta:

    • Activity Monitoring - SafeConnect now exposes and records configuration changes to the machine as well as its own activities providing the end user feedback on what various programs are doing.
    • Efficacy Improvements - there have been many small and large improvements to the SafeConnect behavioral malware detection and removal engine, including: early boot time component removal; improved handling of malicious drivers and alternative data streams support; desktop modification detection and clean up; and many others.
    • Real time Malware Identification and Classification - SafeConnect now leverages the community of users to help identify detected malware. Once malware is detected behaviorally SafeConnect can check if someone has already detected this particular malware and retrieve its name and description from Sana's community information. Submission of suspicious samples will continue working based on user preferences as in the previous versions.
    • Performance Improvements - several performance improvements have been made to the product including lower boot time overhead, improved interaction with AV scans, and faster malware removal.
    • One button support log submission - to improve interaction with Sana's customer support SafeConnect can now automatically collect and submit logs to Sana's support with a click of a button.
    • In addition 3.5 fixes numerous bugs reported from the field in earlier versions of SafeConnect.

    Beta Requirements

    • Windows XP 32-Bit, 500 MB RAM
    • Windows Vista 32-bit, 500 MB RAM
    • Windows Vista 64-bit, 1 GB RAM
    • Previous versions of SafeConnect must be uninstalled prior to the installation of 3.5 Beta
    • The Beta license key lasts for 60 days

    How to Participate in the 3.5 Beta
    Participating in the SafeConnect 3.5 beta is free and easy, but there are a few guidelines beta testers should follow.


    Beta Feedback (Very Important, please read)
    In the spirit of making this beta period as constructive as we can, Sana Security would greatly appreciate specific, concise, and ideally reproducable feedback. An example email if a user encounters a false positive should go something like this:

    Subject: False positive found on DivX version 6
    Body: Installing DivX version 6 produced a false positive with SafeConnect beta. Log files from this false positive were submitted through the Submit to Support button on the Settings tab. This false positive occured approximatly 2:30 EST.

    OS version: Windows Vista 64-bit, SP1, English

    This is only an example, but in general the more specific and concise the report it, the more constructive it shall be.

    About Sana Security
    Sana Security provides software that protects what others can’t protect or see, providing immunity against threats, both known and unknown. Unlike reactive, legacy solutions that require updates, signatures and scanning, Sana’s products offer enterprises, small businesses and consumers instant and constant protection against threats, increasingly complex attacks, data compromise and identity theft.

    For more information about Sana Security, please see http://www.sanasecurity.com/press/index.php



    We appreciate discussion of the beta on this and other boards, but just to be clear, feedback and support should be directed to beta@sanasecurity.com. Thank you!!



    [edit -- slight formatting change]
     
    Last edited: Oct 29, 2008
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    thank you, it is looking very good and light. Nice to see the new enhancements.:thumb:
     
  3. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Hi,

    thank you, downloaded and will take a look at it tomorrow.
    Just out of curiosity, will Antibot be updated to the new PRSC version too?

    Cheers
     
  4. jeremy_pickett

    jeremy_pickett Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    11
    Unfortunately I do not have news one way or another on that, sorry! :(

    --edit, changed frowny to an emoticon less angry
     
    Last edited: Oct 28, 2008
  5. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Err... never mind me asking. :blink:

    Cheers
     
  6. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I just did a few tests and PRSC never detected any of the threats :( I was really looking forward to seeing a really wonderful behaviour guard.
     
  7. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    This case sandboxes/classical HIPS is your choice.
     
  8. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I currently use RTD + A2 Antimalware (Paranoid mode on) + NIS 2009 so I think I'm pretty much covered for now along those lines. But I was hoping PRSC 3.5 would really impress me, so I could steer away from the countless popups. Oh well maybe by the final release I will have ;)
     
  9. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    What sort of tests?
    Live malware or a POC?
    Maybe a keyloging test?
     
  10. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    its look same as norton anti bot
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Actually the current version of Antibot is Safe Connect. As the top post says, this beta is different then what is currently out there. As to if Antibot will evolve from this beta, dont know. But right now it is working very well on 2 machines. One Vista the other XP.
     
  12. jeremy_pickett

    jeremy_pickett Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    11
    If you had time, I would really appreciate hearing what types of tests you tried.
     
  13. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I did :-

    Keylogging Test
    Trojan Test
    DLL Injection Test
    Kill process Test

    Rootkit

    Red
    - Fail
    Green - Pass
     
    Last edited: Oct 29, 2008
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    and it failed all of them? Thanks
     
  15. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I tested a rootkit and I must say it did pass that...Other than that, yes, it failed them.
     
  16. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Cool, a security software for Vista 64 - worthy a test. :thumb::)
     
  17. jeremy_pickett

    jeremy_pickett Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    11
    PRSC rarely convicts on a single behavior, such as just code injection, just killing a process, or just logging keystrokes. I think there are some older posts around here that describe it in more detail (I can dig them up if you'd like), but the bottom line is PRSC will perform much better against real world malware than atomic tests.

    If you are curious though, if say your DLL injection test leaves the DLL injected, or the host process stays spawn, you should see that behavior in the monitored list for that application.
     
  18. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I see well then I shall be installing it again and letting it run with real malware. Those posts would be very useful to me as well if you would like to dig em up for me.
     
  19. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
    One thing I've noticed while using the new beta (and earlier versions) is that the UI hasn't changed that much. Why is that?
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    IMO, it should by now have become common practice for securityware, even such as PrimaryResponse to address those fails, such as and especially DLL injections, terminating running processes (even obsolete (so-called) ProcessGuard is still immediate and effective to those type threats), and at least some keylogging monitoring.

    This is a Beta and the scrutiny is on of course, so it would bode well AFAIK to ramp up this app to address those valid concerns. No security app should come half way but rather encompass as many potential threats as even old outdated apps can still deal with, and more!

    EASTER
     
  21. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I must say against viruses (the ones that do damage to your computer like disable Windows etc) it does well. But again, when faced with keyloggers, dll injection and process termination due to real world malware it doesn't give a peep.
     
  22. Sportscubs1272

    Sportscubs1272 Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    340
    Would firewalls such as Comodo and Online Armor (paid) detect keyloggers, dll injection and process termination?

    I still believe in sandboxing, multi-layer security, patching and common sense in preventing most malware from entering my system. I guess I would breathe a little easier if the anti-malware blocker was aiding my defenses on a bad day.
     
  23. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Yes, as they are very similar to a standalone HIPS just with an added firewall :)
     
  24. Sportscubs1272

    Sportscubs1272 Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    340
    That's what I thought. I think PRSC was designed for users that use a basic anti-virus and the Windows firewall turned on.

    I like to use freeware (TF) or use a free license (A-Squared Anti-Malware) than spend 30 bucks for something I probably don't need.
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    well I like it. Keep in mind this is a 2 month beta so more changes will happen. I think you have to keep in mind its purpose in the security field. Something like this coupled with say, ShadowDefender and it really makes a great combo.
     
Loading...
Thread Status:
Not open for further replies.