x64 Protection

Discussion in 'other anti-malware software' started by begemot64, Aug 6, 2010.

Thread Status:
Not open for further replies.
  1. begemot64

    begemot64 Registered Member

    Joined:
    Jul 28, 2010
    Posts:
    71
    Currently, I am quite happily running Defensewall with Prevx on several 32 bit machines.

    However, I need to set up another machine that will run x64, and I was wondering what solutions (comparable to Defensewall in effectiveness) exist? I realise there was a lot of discussion about this a while back, have things changed or improved? Anything new on the market? Or is patchguard still the bane of x64 security?
     
  2. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    I product manage endpoint security at Blue Ridge. DefenseWall is an excellent product. AppGuard and DefenseWall have many similarities. I'll defer to others here for comparisons.

    We're currently beta testing a new AppGuard agent that supports 64 bit hosts. You can find more information in this thread.

    We're in round 2 of 3 of the beta. The third one will implement refinements to a feature called MemoryGuard in early September. In beta 2, this feature is disabled by default. Its still rather 'chatty'. We encourage users to enable and disable as they please. We're looking for conflicts and legitimate code injections by 3rd party software. We're scheduling final release for end of September.

    And this page provides more information as well as the install download.

    Beta participants earn a free lifetime license for up to three PCs.

    Cheers,

    Eirik
     
  3. begemot64

    begemot64 Registered Member

    Joined:
    Jul 28, 2010
    Posts:
    71
    Eirik,

    Thanks very much for your reply. Your product looks very interesting, is there any place on your website that gives a more technical description of how its functionality is achieved?

    For example, does Appguard use user mode hooks? How does it achieve strong protection under x64, despite Microsoft's Patchguard, when solutions like Defensewall can't?

    https://www.wilderssecurity.com/showthread.php?t=250126

    A very interesting looking product.

    Many thanks,
     
  4. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    There's a white paper on the AppGuard product page of our website, which I need to revise this month. However, it does not and will not go into details about the 'under the hood' mechanisms it employs. The reason has to do with target audience.

    In Win Vista/7, AppGuard no longer employs hooks. In fact, with our 64 bit R&D, we moved to an entirely new framework. So, if you recall all the press in June/July over that theoretical attack that circumvents security software that employs hooks (cannot recall the terms), this new framework for Vista/7 is unaffected. We decided to use this new framework in 32 bit Vista/7, not just 64 bit, because we believe it would significantly reduce the probability for software conflicts with other security products.

    Now in XP, we still use the original framework which I believe does employ some kind of hooking.

    Cheers,

    Eirik
     
Loading...
Thread Status:
Not open for further replies.