An excellent summary of the strength of Comodo's containment.
1). I'm glad that fileless malware was highlighted as Comodo provides lockdown protection against Scriptors of various types (wscript, vbs, powershell, python, etc) by means of the Script Analysis function (which works hand in hand with Containment). Most (all) other security solutions do not provide such a blanket protection.
(For any that would like to verify for themselves, let's consider a (very) simple loop script- one which will do nothing but open up a cascading series of Calculators:
ECHO off
:top
START %SystemRoot%\system32\calc.exe
GOTO top
Paste the above into notepad, and save as calc.bat
You can run it safely and see what gets plopped into Containment- flush Containment, and all is back to normal. You can try this also with your regular AV and see what happens).
2). In addition to fileless malware, Comodo will also protect quite well against things that malware authors use as replacements for Scripts- certutil, MpCmdRun, and BTSAdmin. Also it will stop very nasty things like malware utilizing Schtasks. I did a number of videos using malware coded around this to show how inadequate popular security products were at providing Boot Time protection.
In short, if you would like to be confident about being protected for malware, use Comodo. If you would rather worry, use something else.
M
