When will Cyberhawk be ready to take on Prevx1?

Discussion in 'other anti-malware software' started by duke1959, Oct 17, 2006.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Just wondering as CH seems like such a very good free HIPS product.
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Prevx1 is certainly CIPS, not HIPS.
    I don't know what CyberHawk is, if it is HIPS you can't compare it with Prevx1.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I have not found CH good. Tried many times and never worked well on my system with frequent lock ups. Also does not seem to intercept much.
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    "CIPS" seems to be a marketing term coined by Prevx. Nevertheless, Prevx does fall within the HIPS-category of security programs.

    The "H" in "HIPS" stands for "Host-based." "Host based" refers to an operation that is performed by software that runs within the user's computer rather than within a peripheral device or server. Since Prevx runs within the user's personal computer, it IS a host-based system. Since Prevx is an Intrusion Prevention System, it is also an IPS. Therefore Prevx is a HIPS.

    Further, Prevx is correctly classified as HIPS by THIS review & test.

    In olden days, Intrusion Prevention Systems (IPS) were primarily based in networks or server hubs. The term "HIPS" became popular when IPS were developed for use on individual home computers, SOHO, et alia. Thus "Host-based IPS" was the term used to differentiate user-computer-based IPS from server-or-hub-based IPS.

    The concept that no other HIPS can be compared to Prevx is rather too narrow. The review linked above lists and compares several types of HIPS including...

    A) HIPS based anomaly detection {Example: Cyberhawk}
    B) HIPS based misuse (signature file) detection and anomaly detection {Example: A²}
    C) HIPS based white list, misuse and anomaly detection {Example: Prevx}
    D) HIPS pure white list {Example: Anti-Executables}
    E) HIPS based anomaly detection and integrity checking {Example: Viguard}
    F) HIPS based white list or/and virtualization or/and sandboxing or/and policy restrictions {Example: DefenseWall}
    G) HIPS based virtualisation technology {Example is BufferZone}
    H) HIPS based rootkit prevention and detection {Example: Gmer}
    I) EndPoint HIPS based zero day protection {Example: SocketShield}
    J) End-Point HIPS based Buffer Overflow protection {Example: DefensePlus)

    As shown above, CH & PX approach IPS in somewhat different ways. Both provide excellent IPS-type protection. However, at this stage, Prevx's huge database of processes would (IMO) perhaps give it *somewhat better protective abilities* than CH's behavioral analysis approach. On the other hand, a zero-day occurrence would likely be handled faster by Cyberhawk (short-term) -- Prevx users might have to wait a bit for a final decision. CH is presently free. Prevx is non-free, and requires annual renewal. However, Prevx offers a time-limted free trial which can remain free beyond the trial period under certain caveats.

    There... you now have something of a comparison (!) of certain aspects of Prevx vs CH. I'm sure others can offer further valid selection factors if they're a-mind to do so.
    ~~~~~~~~~~~~
    MORAL- There never was a horse that couldn't be rode. There never was a rider that couldn't be throw'd.;)
     
  5. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi bellgamin,

    Good post!!!
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    To me CH seems like a Behavioral Blocker, and as i posted my experience was not good. Personally i found Behavioral Blocker componenet of ZAP( OS fireWalL) very impressive. I wish if they had made it a standalone product as well!
     
  7. kdm31091

    kdm31091 Registered Member

    Joined:
    Jul 18, 2006
    Posts:
    365
    Cyberhawk seemed nice except it would flag some legitimate stuff and never saw it flag anything dangerous (maybe thats good?). It also does tend to have a high load on the system as far as booting and some CPU usage, etc.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Bellgamin,
    Thanks alot for you informative and usefull post, I'm getting closer and closer every day. :cool: :)
     
Loading...
Thread Status:
Not open for further replies.