Webshield vs. HIPS

Some antiviruses have Webshields (Avast, DrWeb Beta, KAV, NOD32) and some have HIPS (F-secure, KAV) but do we need both? Webshield slows always the surfing speed down more or less but can a HIPS compensate Webshield as a whole or vice versa?

Still the biggest players have not these applications at the moment!

Best regards,
Firefighter!

 

Actually Web Shield is avast!'s specific name... "HTTP scanner" is a general term for others...

 

kaspersky has both a HIPS(proactive defence) and web av (http scanner)
lodore

 

I think he is asking if the two are interchangeable?

 

this two features is have different function i think. http scanner only catch malware over http and based on signature/heuristic before execution but hips is catch malware via behaviour checker so hips only run if malware is executed.

 

Do WE need both probably not.
Does the average joe user probably not, but one would be of a great benefit.

In the case of replacing HIPS with HTTP scanning etc. I believe AVs with excellent detection ratings, ie. KAV/NOD32/F-Secure etc. could ditch the whole web scanner business and utilize the HIPS IMO.
Some will freak out and say that they can't live without HTTP scanning and i ask "Why not?" you did a few years ago!
HTTP scanning so far as I know uses the same signatures as the RT AV, so it blocks the malware from getting into you system Or your RT av finds it in the temp dir's..... I don't see the difference.

By the BIG boys I am assuming you mean Symantec, McAfee, Trend. These folks I do believe, and this is only my opinion, know that this is the route that needs to be taken but due to compatability and/or corp/home demand have yet to roll it out, and why include it when you can scam joe user into buying another yellow or red box?

 

The main difference between the two is that an HTTP scanner attempts to detect malware before it downloads, while HIPS is designed to stop a malware program from executing if it does get by your scanners.

 

i would say that http scanners can be useful for blocking website exploits but can slowdown web surfing so you could just use a third party browser.
HIPS are useful for blocking malware that gets past the realtime scanner.
lodore

 

Web shields are not needed but HIPS and behaves are must for new malware not detected by signatures/ heuristics.
I will prefer HIPS/ behaves a lot over web shields.