Author Topic: Comodo vs Crowdstrike  (Read 4408 times)

Offline ReeceN

  • Comodo's Hero
  • *****
  • Posts: 625
  • Paranoid B#st#rd - CIA
Re: Comodo vs Crowdstrike
« Reply #15 on: July 25, 2020, 04:34:32 PM »
What do I do?

I've had the same sort of confrontation where no matter how hard you try, no matter how many facts you tell them, they refuse to comprehend how it works, and that how you say it works, is how it actually works.

How about this..

Every week on YouTube put CIS against a random AV Client in a Virtual Machine to see how many infections each VM gets.

You can YouTube search "AV Comparison" or something similar to see what I mean.

Then see how long CIS can hold the record for 0 infections against the most popular AV's getting marketed to people.

There is quite a big market for people who search for and watch these AV review videos, and I think it is something that you could absolutely tap into!

A certain AV vendor currently sponsors someone on YouTube to do these types of videos. I think it's about time to let everyone who watches these know that Comodo will wipe the floor with its competition.

As an addition. Whenever a certain piece of Malware hits the news, you could also test that too, as people will undoubtedly YouTube search its name.

P.s. Human voice only.
« Last Edit: July 25, 2020, 04:36:37 PM by ReeceN »

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Re: Comodo vs Crowdstrike
« Reply #16 on: July 25, 2020, 04:37:21 PM »
good ideas...

I am baffled about how many people out there who simply don't or can't use their grey cells.....yet they dish out advice.....crazy!

Offline ReeceN

  • Comodo's Hero
  • *****
  • Posts: 625
  • Paranoid B#st#rd - CIA
Re: Comodo vs Crowdstrike
« Reply #17 on: July 25, 2020, 04:38:11 PM »
good ideas...

I am baffled about how many people out there who simply don't or can't use their grey cells.....yet they dish out advice.....crazy!

Absolutely with you there!

Offline Whoop-dee-doo

  • Cave Dweller
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1112
  • What are you staring at?
Re: Comodo vs Crowdstrike
« Reply #18 on: July 25, 2020, 06:52:43 PM »
Hi Melih,
It has been a while since I last posted in these forums, but I still hop in and read them every 1-2 weeks.
I was a member of the Usability Group many years ago.

I have an analogy that may demonstrate what I think is a psychological preference for a certain method of security:
I own a house that contains all my valuable items, and I have 2 main security options:
1) have a guard at the entrance to my house. This guard tries to identify bad people or unknown people and keeps them out of my house (black list) and identifies my friends that I can trust and lets them into my house (white list). This is similar to detection, which conceptually keeps bad things away and lets good things in.
2) have a guard inside my house. Anybody can come inside my house, but the guard will follow them around and make sure they don't do anything bad (e.g. steal or break something). This is similar to prevention (if the guard sees a malicious act, he stops it or prevents it from causing harm).

Let's say, for the sake of this analogy, that both guards perform with 100% effectiveness, so both guards could protect my house and its contents equally well. Even with an equal level of protection, I think most people would prefer to keep criminals out of their house, so they favor the concept of detection (which is "don't let bad people inside"). They just don't want bad things on their property...it's a more appealing concept and "feels" more secure than having bad people roaming around your property, even if the badness can't do any harm.

I think the preference of "don't let bad inside in the first place" will be difficult to change because it seems to be conceptually sound (even if it may not be sound in all circumstances).

I do not emphasize that "detection" is unimportant (mainly because I think most people feel more comfortable with the "don't let bad things inside" approach). Saying detection is not important may make them feel like their comforting belief is being attacked, which would cause them to turn away immediately.

For me, I emphasize that Comodo offers good detection, and this jibes well with the fact that most people favor the "don't let bad things inside" approach. But I also emphasize that no detector is 100% accurate and that Comodo offers both guards: one at the entrance to the house, and one inside the house. So, if anyone malicious manages to get inside the house, you are still protected! The people I deal with are mostly laymen, so I don't really explain the HIPS or sandbox in detail. I just say they are both tools the "inside guard" uses to protect the house.

I also use this analogy: If you are taking a plane flight, would you rather depend solely on security screening in the airport to hopefully detect hijackers, or would you prefer airport screening AND an air marshal riding on board the flight to help protect the flight from anyone who managed to slip by airport security? So far, everyone has said they prefer both.

These analogies seem to avoid denigrating their belief in detection, while also showing its limited capability. Also, with these analogies, people immediately realize the crucial protection offered by the "inside guard".

I believe that Comodo's "inside guard" is the best. I am not sure how to convince everyone else on this planet, but I certainly hope they all see the light!

Anyhow, just thought I'd share some thoughts.  Thanks for all the great Comodo Products!


Whoop
"The best way to have a good idea is to have a lot of ideas." - Linus Pauling

"Don't find fault. Find a remedy." - Henry Ford

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Re: Comodo vs Crowdstrike
« Reply #19 on: July 25, 2020, 07:00:24 PM »
Hey Whoop,
Of course I know and remember you :) Nice to hear from you again.

Yes indeed. Difficult to re-wire people's belief system. Defense in depth is always a good strategy. That is exactly what Comodo is saying.
Deploy defense in depth and don't just rely on detection.

Offline jay2007tech

  • Malware Research Group
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2309
Re: Comodo vs Crowdstrike
« Reply #20 on: July 25, 2020, 08:44:35 PM »
When it comes to Melih's ideas on preventing and killing malware, I think Melih's nickname should be "Merchant Of Death"
It's hard being a crooked Admin when the files won't pass an md5checksum test. But like any other good crooked Admin it can be done, it just takes time (and lots of it) and a few aspirins

Offline ZorKas

  • Comodo's Hero
  • *****
  • Posts: 1951
Re: Comodo vs Crowdstrike
« Reply #21 on: July 26, 2020, 01:32:34 AM »

The detection is preliminary, the observation of a malicious individual inside a system is quite different, Comodo has an undeniable advantage on this precise point.
On the other hand, the advanced parameters of CIS for insiders allow to establish a defense menu worthy of a 3-star restaurant.

Windows 10 Pro x64 Build 19043.1288 - Comodo CIS Pro v.12.2.2.8012 - Linux 20.2

Offline CommodoUser2019

  • Comodo's Hero
  • *****
  • Posts: 257
Re: Comodo vs Crowdstrike
« Reply #22 on: July 26, 2020, 12:26:07 PM »
When trying to educate others, Comodo uses such a different philosophy that it starts out as ignorance on people's part, then cognitive dissonance when trying to explain it to them. If any of the competitors begin to understand it, then fear, then avoidance. They don't want to empower Comodo by continuing an engagement that they may lose (Comodo is an odd duck to them) and end up upsetting the balance of power in the marketplace.

You can try hiring a brilliant marketing guy/girl and maybe Guerrilla Marketing strategies.

Offline jmike

  • Newbie
  • *
  • Posts: 14
Re: Comodo vs Crowdstrike
« Reply #23 on: December 16, 2020, 03:58:08 PM »
Brilliant, prevention from zero day and unknown files execution. My respect to this revolution.  :) ;D

Offline ubuysa

  • Comodo's Hero
  • *****
  • Posts: 451
Re: Comodo vs Crowdstrike
« Reply #24 on: December 17, 2020, 04:44:30 AM »
There are so many so called "Cybersecurity professionals" who still don't get how Comodo works :)

I tell them, we can protect you without having to "detect" it's malware....they say ..no....can't do that!!

What do I do?
Well you might use some famous quotes from Sun Tzu's (alleged) book The Art Of War....

All war is deception - make malware believe that it's running as expected on a real machine

The greatest victory is that which requires no battle - don't try to detect malware (the battle) simply make it impotent

Do not engage an enemy more powerful than you. And if it is unavoidable and you do have to engage, then make sure you engage it on your terms, not on your enemy’s terms - don't try to beat malware by detecting it or by interfering with it, allow it to run on your terms in your container.

Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win - containment assures victory when you go to war with malware, attacking the malware itself and seeking to win leads to defeat.

It is more important to out-think your enemy, than to outfight him - by allowing malware to run but contained you have out-thought the malware author, through detection you must always outfight him.

He will win who, prepared himself, waits to take the enemy unprepared - by running all unknown processes in a container you have prepared a defense for which the malware is unprepared.

Don't depend on the enemy not coming; depend rather on being ready for him - assume that every unknown process contains malware and run it in a container.

The height of strategy is to attack your opponent’s strategy - malware's strategy is to infect your system, so give them a fake and contained system to infect.

Sun Tzu lived in the 5th century BC and yet his lessons are applicable to the war against malware even today.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Re: Comodo vs Crowdstrike
« Reply #25 on: December 23, 2020, 01:29:05 PM »
This is amazing!!!!! Very clever way of explaining it. Thank you.

I will be using it extensively.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Re: Comodo vs Crowdstrike
« Reply #26 on: December 23, 2020, 04:15:59 PM »
Here it is Ubuysa!
(including Credit at the bottom)!
Great work


 
