Discussion in 'General Returnil discussions' started by waters, May 1, 2012.
Does the anti-executable component protect against virus and malwares
Yes, but remember it is just one component in the overall strategy...
Thanks ,but how good is that component.Would it stop more or less than the anti virus.How does it compare to AppGuard and others.
It is a simplified approach with the following settings only:
1. Allow programs to do as they will
2. Trust only know services
3. Trust only known exe's
It works by restricting access as described above with the highest setting being #3. You cannot allow anything and there are no rules to write.
Also note that comparing it to a traditional HIPS solution is not appropriate as it is not designed to be a stand-alone HIPS solution; rather it is a component part of the whole in a vertical, layered security approach.
You could think of it as putting an angry dog in front of your door after locking the door...