Author Topic: Comodo vs Crowdstrike  (Read 4380 times)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Comodo vs Crowdstrike
« on: July 22, 2020, 02:50:16 PM »

Offline liosant

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1595
  • GOD cure me epilepsy and atrophy - Sou brasileiro!
Re: Comodo vs Crowdstrike
« Reply #1 on: July 24, 2020, 08:57:23 AM »
If I had a company, the protection software would be Comodo products...

Offline Melih

Re: Comodo vs Crowdstrike
« Reply #2 on: July 24, 2020, 08:59:28 AM »
Thanks!

We are not educating all these "Cybersecurity Professionals" that in order to protect your company you don't need to "detect".

You can protect your computer without "detecting" thanks to our Auto containment technology!


Offline liosant

Re: Comodo vs Crowdstrike
« Reply #3 on: July 24, 2020, 09:08:48 AM »
Comodo containment allows you to open and test applications without affecting the system...

Offline ReeceN

  • Comodo's Hero
  • *****
  • Posts: 625
  • Paranoid B#st#rd - CIA
Re: Comodo vs Crowdstrike
« Reply #4 on: July 25, 2020, 08:33:39 AM »
In a world where there is an excess of over 100,000 new malware samples each day, it is simply no longer feasible to think that you can detect all new malware. You can't, you won't and if you just youtube AV reviews you will see that this will be made abundantly clear to you. The best thing you can do if you use detection-only based AV is to cross your fingers and hope you don't get attacked with anything moderately sophisticated.

If this is the only approach that you take to secure yourself from malware, you may as well just get a marker out and write "hack me" on your forehead, because you sure as ain't protected from people who are going to put effort into doing so.

In my opinion, Comodo is something alert IT teams really need to review.

Offline Melih

Re: Comodo vs Crowdstrike
« Reply #5 on: July 25, 2020, 11:11:25 AM »
The Father of Computer Science wrote a paper called the "Halting Problem" in 1936... (here is an explanation of it: https://enterprise.comodo.com/whitepaper/Impossibility_of_Virus_Detection_WP.pdf)

We had to take a totally different approach .... chasing our tail like everyone else looked very tiring with no result!

So the AHA! moment was when we thought....what does malware need to cause damage?
Why not simply take the stuff that malware needs away from it!
Just like you don't give kids sharp knives, just in case....why are we giving Malware a big sharp sword???

That's when we figured what the Malware needs to cause damage in the main was

1-Write privilege to hard disk
2-write privilege to the Registry
3-write privilege to the COM interface

Write privilege means: the right/ability to write to hard disk...why would you want a brand new untrusted app to start writing to your hard disk??? It could simply overwrite your own good files.....yep...Ransomware....
So when a new executable file comes in, if it's never been seen before by Comodo...we say "hey kiddo...here is a really good plastic knife" ;)
Let's say a Ransomware makes it to your computer because the user clicks anything shiny on the web...
this ransomware is now running in RAM....and says....I want to "READ" hard disk....
Comodo says:...hmm.."READ" privilege..its ok...go ahead and read it....
then
Ransomware says:...I want to "encrypt" this file that I just read...
Comodo says: hmm....just messing around inside RAM...no damage done...go ahead....
Ransomware says: Now I have an encrypted file...I want to delete your original file and overwrite it with just encrypted....
Comodo says:...say what?? you want to have a "WRITE PRIVILEGE" to hard disk...Don't think so....here is a "Virtual Write Privilege to a Fake Hard disk" .....
Ransomware says: oh thank you, let me write there....
All the while Ransomware is writing to a "fake hard disk" where user's original files are untouched and safe on the hard disk.

Here is a video of the explanation: https://youtu.be/ScIyNihELko

Some might say, how about stealing information while still operating in RAM etc....Comodo has policy settings where any unknown application running in RAM can be prevented from enumerating your Hard disk and sending it to the internet...why would you want an unknown app to come and take stuff and send it to some place on the internet anyway!!!

Time to Re-Think Cyber Security.
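
Added example (not part of the post above and not Comodo's code): a toy Python model of the write redirection that reply describes, where an unknown program's reads go to the real files and its writes and deletes land in a throwaway overlay. `ContainedView`, `untrusted_overwrite` and the sample file names are hypothetical, and the model covers file writes only, not the Registry or COM.

```python
class ContainedView:
    """File view handed to an unknown program: reads fall through to the real
    store, writes and deletes are kept in a private overlay ("fake hard disk")."""
    _DELETED = object()  # tombstone for a file deleted inside the overlay

    def __init__(self, real_files):
        self._real = real_files   # real store; this class never mutates it
        self._overlay = {}        # path -> bytes or _DELETED

    def read(self, path):
        if path in self._overlay:
            data = self._overlay[path]
            if data is self._DELETED:
                raise FileNotFoundError(path)
            return data
        if path not in self._real:
            raise FileNotFoundError(path)
        return self._real[path]   # READ is allowed against the real store

    def write(self, path, data):
        self._overlay[path] = bytes(data)    # WRITE is redirected

    def delete(self, path):
        self.read(path)                      # raises if the file is not visible
        self._overlay[path] = self._DELETED  # original stays on the real store

    def listdir(self):
        names = set(self._real) | set(self._overlay)
        return sorted(p for p in names
                      if self._overlay.get(p) is not self._DELETED)

    def discard(self):
        """Drop everything the contained program wrote; return entry count."""
        count = len(self._overlay)
        self._overlay.clear()
        return count

def untrusted_overwrite(view):
    """Stand-in for the unknown program: rewrite each file, remove the original."""
    for path in view.listdir():
        scrambled = bytes(b ^ 0x5A for b in view.read(path))
        view.write(path + ".locked", scrambled)
        view.delete(path)

def run_demo():
    # Constructed sample data standing in for the user's documents.
    real = {"C:/docs/report.txt": b"quarterly numbers",
            "C:/docs/notes.txt": b"todo"}
    before = dict(real)
    view = ContainedView(real)
    untrusted_overwrite(view)
    seen_inside = view.listdir()   # what the contained program believes exists
    dropped = view.discard()
    return real == before, seen_inside, dropped, view.read("C:/docs/notes.txt")
```

Inside the view the program sees only its own `.locked` files, while the real store is byte-for-byte unchanged and the overlay can be thrown away.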



Offline ZorKas

  • Comodo's Hero
  • *****
  • Posts: 1950
Re: Comodo vs Crowdstrike
« Reply #6 on: July 25, 2020, 01:06:32 PM »

Comodo CIS has a defense philosophy that has convinced me for more than 15 years
Thank you Melih for existing and for creating Comodo  :)

Windows 10 Pro x64 Build 19043.1288 - Comodo CIS Pro v.12.2.2.8012 - Linux 20.2

Offline Melih

Re: Comodo vs Crowdstrike
« Reply #7 on: July 25, 2020, 01:18:30 PM »
Thank you ZorKas!

Offline cruelsister

  • Comodo Loves me
  • ****
  • Posts: 135
Re: Comodo vs Crowdstrike
« Reply #8 on: July 25, 2020, 01:46:47 PM »
As ample tools are currently available for even novices to use in order to convert detectable malware to the FUD variety, relying on Detection only is indeed misguided. The strength of Comodo is Containment where FUD malware such as ransomware (delivered either by executables or Scripts) do not succeed (and God knows I've tried) in infecting the System. Even better, Network spread by various forms of malware is also inhibited- sort of important in the Enterprise.

However with the advent of malware using LoLbins I STRONGLY suggest that the default Auto-Containment level be elevated to at least Limited to prevent ANY untoward System changes from occurring.

M
« Last Edit: July 25, 2020, 02:45:38 PM by cruelsister »

Offline Ploget

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1891
  • 'Your best teacher is your last mistake'
    • Schneier on Security
Re: Comodo vs Crowdstrike
« Reply #9 on: July 25, 2020, 02:36:44 PM »
Many thanks for your advice as always
Quote from: cruelsister
"However with the advent of malware using LoLbins I STRONGLY suggest that the default Auto-Containment level be elevated to at least Limited to prevent ANY untoward System changes from occurring."
Ploget

All Win 10 x 64 Pro - 21H1 (19043.1288) / CIS 12.2.2.8012
Comodo Forum Policy
“If you think you are too small to make a difference, try sleeping with a mosquito”

Offline Ploget

Re: Comodo vs Crowdstrike
« Reply #10 on: July 25, 2020, 02:38:12 PM »
I'll second that. I thank the day I found Comodo
Quote from: ZorKas
"Comodo CIS has a defense philosophy that has convinced me for more than 15 years
Thank you Melih for existing and for creating Comodo  :)"
Ploget


Offline Melih

Re: Comodo vs Crowdstrike
« Reply #11 on: July 25, 2020, 03:01:21 PM »
There are so many so-called "Cybersecurity professionals" who still don't get how Comodo works :)

I tell them, we can protect you without having to "detect" it's malware....they say ..no....can't do that!!

What do I do?

Offline Avos

  • Comodo Loves me
  • ****
  • Posts: 171
Re: Comodo vs Crowdstrike
« Reply #12 on: July 25, 2020, 03:04:13 PM »
"Let's not reason about them, but look and pass" (Dante Alighieri)  ;)

Offline Ploget

Re: Comodo vs Crowdstrike
« Reply #13 on: July 25, 2020, 03:10:10 PM »
Another 40+ top Universities brought down today courtesy of Blackbaud . . . Garmin plus its flight and navigation systems down . . . Ransomware on the prowl
Quote from: Melih
"There are so many so-called "Cybersecurity professionals" who still don't get how Comodo works :)

I tell them, we can protect you without having to "detect" it's malware....they say ..no....can't do that!!"
Ploget


Offline Melih

Re: Comodo vs Crowdstrike
« Reply #14 on: July 25, 2020, 03:22:04 PM »
https://www.linkedin.com/posts/hackercombat-cyber-security-community_crowdstrike-activity-6691755950585606144-v9o3

Here is a topic in HackerCombat

This guy called Adrian just deleted all his posts and disappeared because he was having difficulty in understanding what Comodo Technology was....Yet he advises companies on security, his LinkedIn profile says....
