SSM or CyberHawk?

Discussion in 'other anti-malware software' started by mercurie, Feb 25, 2007.

Thread Status:
Not open for further replies.
  1. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Fellow Creatures,
    I want to add one of these. I do not really want a firewall on "My PC" (see below) I am behind a NAT Router which of course blocks all inbounds and as you can see and many will know I am a loyal BOClean user. Another words I like my set up.

    Opinions and advice? Thanks. :)

    EDIT: I do mean the free. SSM 2.0.8.583 and CyberHawk Basic.
     
  2. EASTER.2010

    EASTER.2010 Guest

    I always run BOTH together with absolutely no issues to report.

    You can display the SDT Table with RKUnhooker and you will see which lines of coverage they both position at. I never experienced any overlap of coverage that might be of concern when both were resident.
     
  3. vhick

    vhick Registered Member

    Joined:
    Jan 21, 2006
    Posts:
    224
    Location:
    Noypi.........
    yup! you can use both but i migrate from SSM (i know its more powerful) to cyberhawk because im too dumb for SSM. but i combo it with sandboxie.

    but the two products is very good.
     
  4. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Thanks for the replies. By the way I am not being lazy I have been searching the forum for older threads on this for several hours. There does seem to be much on these.

    Like here: https://www.wilderssecurity.com/showthread.php?t=152500&highlight=dynamic Security Agent

    But I also learn that CyberHawk seems to have screwed up by starting into blacklist instead of just sticking to behavior. Yea understand, after all I have BOClean for the sigs. based stuff. :rolleyes: I guess CyberHawk is going to get Bloated. Perhaps getting an older version is the way to go. :doubt:

    Looks like DSA (Dynamic Security Agent) holds a lot of promise. Perhaps it is just to early to be getting into this HIPS stuff yet. (See BLUES Comment in post 18 in the above link). It looks like SSM is the most mature. Many say it was just to much for them. so then again my focus turns to DSA or perhaps I should just wait on all of this a little longer. :rolleyes: Oh well if I decide to do that it's been a real education.

    I still welcome more postings. Appreciate. Thanks. MERC. ;)
     
  5. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Having not ever used Cyberhawk I cannot comment on it. But I can say that I very much like SSM, althought I have the non-free version. I find it to be a very capable addition to my security software. It does take some getting used to, but it is well worth it. I have it set to "prevent termination' of my security apps, which is just another way I know, with SSM, I'm secure.
     
  6. Cyberhawk Support

    Cyberhawk Support Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    140
    Location:
    Boulder, CO
    Hi Mercurie--

    Just want to clear up any misconception about Cyberhawk.

    It does NOT rely on a blacklist to block malicious behaviors. It relies strictly on behavior-based detection to block any malicious or suspicious behaviors.

    If Cyberhawk detects behavior that it would normally alert on, then it will perform a second check to see if this particular behavior matches any known malware on our blacklist. In this way we can help make certain user interactions with Cyberhawk more straightforward--automatically block a known bad behavior, present the actual name of a malware, automatically quarantine it in our Pro version, etc. The blacklist check though is always secondary to the initial behavior-based detection. If we detect malicious behavior and do NOT match it to any item on our blacklist database, then we will still alert and block the behavior in question.

    BTW, since this is not a traditional signature-based blacklist we're able to keep the footprint of the database very small and we do not expect the blacklist to contribute to any "bloating" of Cyberhawk.

    Hope this helps understand the product a little better.

    Kind regards,

    Becky Dubrow
     
  7. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Thank you for your reply Becky it is helpful. ;)
     
Thread Status:
Not open for further replies.