Theres DeepScreen thats checking unknown files and CyberCapture thats checking files in a backend, a full HIPS will come early next year.
w/Avira, in-depth behavioral analysis on "unknown" files is done in APC (Avira Protection Cloud) - local agent just determines whether a file needs to be submitted or APC queried.
Two or three years a go I tried theI like BB of Comodo best (what did I say ), correction I like the CONCEPT of that BB version of Comodo best. That BB of Comodo was and exe monitor, which has the option to put an exe name or a vendor (or the lack of one) into a policy container (using the HIPS) or a sandbox or block it. So the BB really was more of a whtelist.