Discussion in 'other anti-malware software' started by Banshee, May 30, 2012.
Or any other reliable testing companies. There's a strange absence of reliable tests for AppGuard.
I don't think you understand how Appguard works. You can test it yourself.
For AV's you need testing companies, as they are looking for specific malware, and so testing reveals how a product both detects and removes that malware.
Appguard doesn't look at whether software is good or bad, it just blocks it from certain actions. So for example it isn't supposed to allow any execution of a program on the test top. So it is easy to put a simple exe on your desktop and try and run it. If it is blocked then Appguard worked as advertised.
Good explanation and a reason why there is nothing for an AV testing site to test or compare. On Win 7 Pro., I've grown to love the way it works for me, Locked Down and turn all messages off. If something mis-fires, I'll take a look in event viewer.
So it is a HIPS?
The question is about all types of malware trying to run on a computer. If none of all types of malware can bypass the AppGuard - then really it works as advertised. That's why I want reliable tests. Like DefenseWall - it gets 100% protection from all malware - in all known to me tests, though like the AppGuard has no detection and removal.
No, it uses the concept of a trusted enclave rather than default deny which is more typical of classical HIPS. If I had to sum up the approach that AppGuard uses in a single sentence, I would say that it is one of restrict the untrusted rather than deny the unknown. For example, a browser is a known good application, but it must be untrusted and restricted accordingly because of the inherent risk of Internet-facing applications being used as an attack vector.
I agree it would be nice to see AppGuard tested, which is why I approached MRG as they already include DefenseWall in their anti-malware tests.
I might be mistaken but, wouldn't MRG need written permission from Blue Ridge Networks in order to test AppGuard ?
I ask because as AV organizations, that test AVs, I guess they may need to request permission from the AV developers and, probably charge a fee to the AV company to perform the tests.
Am I right or wrong ?
I imagine that it would require the agreement of both parties. When I mentioned to MRG whether they would consider including AppGuard in their tests, they said no, so there didn't seem a lot of point in following it up with BRN.
btw, I forgot about the Matousec 'Proactive Challenge' test - AppGuard fits there. Did anybody test the AppGuard with there suit? Sorry to speak again about the DefenseWall - this app takes 100% when you test it with their 32 bit suit (I haven't tested it but some guys did it). If the AppGuard takes 100% - then no questions about its strength.
pegr, thank you for the links, here is written that it beats 'over 90%' of malware (in the bottom of the page). So the AppGuard is 'over 90%' for now?
That was version 1.4.7 before the addition of MemoryGuard. It's likely that the current version 3.4.2 has a protection level that is close to 100% in the high and lockdown modes, but without independent testing by a respected anti-malware testing lab it's all very subjective. I don't know of any reported bypasses though by Wilders members who have carried out their own private testing.
Separate names with a comma.