Process Guard vs Safe'n'Sec

which is better ? and why ?

 

Hi,

Functionally, I believe it is a toss-up. I've looked at various comments by users and I can see pros and cons of each product when compared to each other. Most users of SnS have tried out PG and for one reason or another have decided to switch. Many PG users have tried out SnS (as I have) and have decided not to switch. Overall, it appears that SnS may have greater appeal to users who are not interested with that much interaction with the product, while PG may be of interest to those who have an understanding (or don't mind learning) the PG alerts and extra functions (e.g. secure message handling), and thereby have greater control over their environment.

The primary reason I continue to use ProcessGuard (the cost is not relevent in my situation), is that PG has a more active user/support base and I understand pretty well what PG is doing. It also appears to be more stable. SnS is still a bit of a black box for me, and I would like to see it mature some more before I use it. I had some questions/problems during my installation, as have others, so if you decide to try out SnS, I would highly recommend that you take an image copy before you install it. I always take an image copy of my system before I install a major security product - particularly if it is rather new and there isn't that much feedback available yet.

Hope this helps,
Rich

 

hmm, indeed a nice question.

Safe N Sec is very new...let's say two years from scratch...the other players are way older...if you see what they did in such a short notice...you get the point.

it's a great app...IF (only IF) you want to compare: it's not possible...hence it's a combination but it's not mature enough... BUT I LOVE IT. it is even a companion to pg as it searches for suspicous actions as to pg only accepts or not... hope I am clear...

it can be a companion...let's see what the future brings and what licences they try to sell cause at the moment I don't like the way it is sold....

it should be a one time licence...or it could be a con for all that matters...look at msas and giant...at the end they stole my money

and that's my feeling...not yours at the end ..

just my two cents...just wait: if it is like this and evaluate together with licence: this is as close I need at the time being.

Sincerely.

 

I agree for the basic version, but I can see why they charge an annual fee for the version with BitDefender because of the regular updates needed. And in the future if a firewall is included in the package

I purchased Giant and RAV and within a month for both products, Microsoft had bought them out.

I run both programs on separate machines and both appear stable and to be doing their job at present. Newbies need less interaction with SNS as long as they do not choose the "total" Policy setting!

I see that a number of people here run combinations of RegDefend/SafeNSec/ProcessGuard/PrevX on their computers but at the present time I have not considered running any of these programs together in real time.

Some good tests comparing PG and SNS.

 

Thanx Blackcat.

I would only agree if they had the realtime monitor of Bitdefender (which is of the same quality as Kav...), memory scanner, ... you know what I want to say...

hence for the Firewall (Outpost)...once I stated here @ Wilders that the day some product would make it possible to have a combo of OP and SnS it would be a goldmine...well I disagree to myself now...without a memory scanner your line of defence would not be that big of a deal anyway...ok it will stop suspicious activities but without mem scanner...things can get out of hand.

I will predict golden future if they have the memory/realtime scanner/ SnS System Firewall and OP Networkfirewall...

But it must not be Bloated. the way it is now: it's not bloated...but it can be we'll see lol ... sounds like my father

 

Thanks for the link Blackcat. It has been a while since I visited kareldjag's site and there seems to be a lot more on it nowadays. Fascinating reading. Thanks to kareldjag! (of course).

Cya,
Rich

 

Kareldjag is better then we all think...he is even judgement free...

 

Totally agree. Kareldjag is a great read. Tons of info. Interesting that he came to the same conclusions as I did that:

1) ProcessGuard is a "must-have in a single computer".

2) RegDefend (or RegRun) are excellent companion products.

He also has some very positive comments on SnS, which makes the choice between the two difficult.

Rich

 

Actually he seems to be pushing for SnS, because it's a more complete product.

Some of the cons he lists for ProcessGuard look very serious too, time to switch I think.

 

IMO going with AntiHook, ProcessGuard (Free), and maybe Prevx (free) and SSM would be the way to go rather than SnS. All freebies, at least at this time, and will provide very solid protection.

 

Is there any need for PG (free) given antihook?

 

To me Kareldjag's tests are very informative, but I also found they are somewhat misleading.

For example, it listed a large number of failures by PrevX...presumably by having scripts run from programs already installed...this testing method is problematic because PrevX's main aim is to prevent the installation of malware, which in this case appears to have been purposely allowed to install.

The other way I find it somewhat misleading, is that it tested some software in area's that they do not claim to protect.

That said, the information makes for great information if you are trying to put together a security suite and want to know strengths and weaknesses.

 

I ran the Finjan tests and PG stopped them all. It did this by blocking wscript.exe from starting and by blocking finjan_exe_demo[1].exe from starting.

 

We seem to be reading different reviews. PG got a 9/10 (I believe SnS received an 8/10 which of course is also excellent) and also excellent comments (which I quoted). I don' think Kareldjag is pushing any product, just providing some good, comprehensive information on each reviewed product - and I am very appreciative of his efforts and his willingness to graciously share the information with us.

I agree with Vikorr, Kareldjag is simply trying to provide good information and it is up to each user to decide what they wish to take from the reviews. As far as I can see, I am currently in very good shape with KAV+ProcessGuard+RegDefend+Ewido. I am sure there are many other ways to get into very good shape - and I am pretty sure Kareldjag would agree. I am always looking at other products such as SnS, OnGuard, Prevx, Anti-hook, and if I believe my situation warrants it I will change/augment without hesitation. I am pretty maleable.

 

I must say SnS is improving by leaps and bounds and
and Kareldjag's personal comments on this forum have indicated a preferenace for it on this forum have indicated a preferenace for it.

When I stated my perference for Safensec, in no way did I imply your setup wasn't in "good shape", so your response sounds a tad defensive to me..

In any case, you once thought Norton was good, and you changed your mind, so I'm sure you will come around soon too...

 

Possibly Kareldjag will clarify. I don't believe he is "pushing" any product.

Never stated such a thing.

 

I think you will find that almost every HIPS product aims to be able to stop installation of malware. Any product with execution launch protection for example would fall into that category as well since by preventing the launch of unknown apps, you could prevent installation.

If that is the case, you could say, it would be unfair to credit SSM,PG,Antihook etc with all these fails too. So what if PG fails to detected registry modifications? Execution protection would have caught it before it installed!

Another problem is that most of these tests he conducts are meant to see if the programs can catch a certain advanced theorical attack, rather than exploits that cause auto execution of arbitary code attacks from visiting a website. Those of the former are rare , and known ones are already patched.

Yes, you should really look at the details, what exactly is being tested. Sadly far too many people just look at the final rating to decide that for example PG is superior to Safensec.

That said, I suppose these people just don't have the knowledge so they got to rely on the final ratings.

 

He seems to like it here.

 

Hi Blackcat,

I can easily understand why Kareldjag might express a personal preference for a product (e.g. SnS) while still rating another product (e.g. ProcessGuard) higher. For example, while KAV may show a higher detection rate in some tests, there are certainly other factors to consider.

Personally, I prefer ProcessGuard + RegDefend because I like their depth of technology, transparency, flexibility/extensibility, support, compatibility with my other products, and ease of use (from my perspective) . I certainly understand why others may prefer SnS, Anti-hook (a free product with lots of capabities), OnGuard, etc. However, I believe, expressing a preference for a product, is quite a bit different from "pushing" a product.

I think, in fairness, it remains for Kareldjag to suggest that he is clearly pushing one product as opposed to others. Personally, nothing I have read in any of his reviews or forum messages suggests this - but I will wait for Kareldjag to clarify if he chooses to. I personally do not favor putting words in other people's mouths to try to make a point.

Rich

 

Is anyone running PG and Safe'n'Sec together or tried this combination?

Just wondering if there would be much of an overlap between the two and whether it would be considered as potentially a good duo?

 

I had run them a bit together.

I guess my causal impression is that SnS handles the most critical targets of PG and RedDefend, with a couple of other items thrown in, but that PG and RegDefend are certainly more comprehensive in their respective core targets of process control and registry protection respectively under the usual protection settings.

Flagging of activity is also based on different criteria. PG will flag the start of any process not known to it or if it is known but attempting something outside of the predefined bounds. SnS (with monitoring set to Strict) only flags processes for which certain behavioral characteristics are satisfied (tries to install as a start-up entry, attempted overwrite of file in Windows system folders, registry edit, critical folder file renames, etc.)

I tend to look at it as comprehensive control vs. control based on a preset decision trees developed by StarForce with the ability to select very aggressive flagging (normal running uses Strict monitoring, but the user can select Total control, which is very comprehensive and not recommended as a routine setting) in the event of a suspected infection.

I found them stable when run together on my system, and you can develop a casual appreciation for the basic differences of approach.

Blue

 

I've been running them both for about a week now. I had PG and am considering SNS as a supplement. I took regDefend off yesterday as I prefer SNS.

SNS seems to work very well it tends to flag things that other packages don't but a bit more intelligent than Prevx. It also seems very light

 

Hi Blackcat,

I did try running PG and SnS for a brief time, but I had a still unexplained unexpected event (which I reported to Star-Force) so I reversed the installation using an image copy.

Basically what happened was after I installed SnS and rebooted, PG alerted me that my copy of ZoneAlarm had been changed. Since this alert could could not be explained, I used an image copy to revert to the prior image. A couple of weeks later I re-installed SnS and had the same event so again I went back to an image copy. Star-Force support on their forum responded to my inquiry with an acknowledgement that there is a known comflict between SnS and ZoneAlarm that has been fixed and will be available with the next release. This is all the info that I have about this issue, so it still remains somewhat unexplained.


Rich

 

Given that the rating he gives is a subjective one , your argument doesn't stand.

 

I'm curious how is your current combo superior to SafeNsec.

You claim

Depth of technology- In what way?
Transparency - In what way?
Flexibility,extensibility - In what way?
Compatiability - Give details

Regards