Why Comodo's Antivirus security is different

[Melih]

https://www.youtube.com/watch?v=ScIyNihELko&feature=emb_logo

[CommodoUser2019]

Melih,

It's been a while. Good to see you back in town.   

PS. Thanks to you and your team for the new release 7036.

[ReeceN]

Welcome back to the forum lol.

[Jon79]

https://www.youtube.com/watch?v=ScIyNihELko&feature=emb_logo

Melih, this message is really astonishing.
Your statement goes completely against the concept of containment... containment is like placing a virus into a cage (so, like the lockdown in your picture) so that it can't harm the PC, while traditional AVs are like killing an already spread virus (you can make a vaccine only after you discover something unknown is a virus)... but now you said Comodo is like a vaccine...

[ZorKas]

Hello Melih,
Happy with your return
Very good demonstration on containment 
Have a good day
ZorKas

[ubuysa]

Melih, this message is really astonishing.
Your statement goes completely against the concept of containment... containment is like placing a virus into a cage (so, like the lockdown in your picture) so that it can't harm the PC, while traditional AVs are like killing an already spread virus (you can make a vaccine only after you discover something unknown is a virus)... but now you said Comodo is like a vaccine...

I think you're being too literal.

What Melih is rightly saying is that a vaccine is better than a lockdown because if you're vaccinated you don't care if you're exposed to the virus because it can't hurt you, but lockdown can fail letting the virus in - and then it can hurt you. The analogy Melih is using is that containment is better than detection; here containment is the vaccine so you don't care if you're exposed to the virus because containment won't let it hurt you, and detection is the lockdown, which can fail letting the virus in - and then it can hurt you.

[Jon79]

I think you're being too literal.

What Melih is rightly saying is that a vaccine is better than a lockdown because if you're vaccinated you don't care if you're exposed to the virus because it can't hurt you, but lockdown can fail letting the virus in - and then it can hurt you. The analogy Melih is using is that containment is better than detection; here containment is the vaccine so you don't care if you're exposed to the virus because containment won't let it hurt you, and detection is the lockdown, which can fail letting the virus in - and then it can hurt you.

This is what Comodo has been advertising for years:
https://containment.comodo.com/why-comodo/how-we-do.php?af=7639

Default Deny with Auto-sandboxing
The Jail House Method of Containment

So lockdown = jail house = containment

At least it's a misleading message... that's just my opinion

[ZorKas]

In fact, Melih's demo confirms what's going on with the Covid-19
We must isolate the time to find a vaccine
Only containment prevents the spread of an unknown virus
Method cannot be ignored

[Jon79]

In fact, Melih's demo confirms what's going on with the Covid-19
We must isolate the time to find a vaccine
Only containment prevents the spread of an unknown virus
Method cannot be ignored

Exactly, so I would have understood if Melih had advertised Comodo containment as the lockdown, not as the vaccine...

[NDABBRU]

In fact, Melih's demo confirms what's going on with the Covid-19
We must isolate the time to find a vaccine
Only containment prevents the spread of an unknown virus
Method cannot be ignored

Put this way it is clearer ... 
The virus is put into containment, so it does no harm, waiting to find the vaccine to defeat it.
It is the concept that Comodo uses against computer viruses for systems that do not already have the vaccine and are therefore vulnerable. 

[cruelsister]

An excellent summary of the strength of Comodo's containment.

1). I'm glad that fileless malware was highlighted as Comodo provides lockdown protection against Scriptors of various types (wscript, vbs, powershell, python, etc) by means of the Script Analysis function (which works hand in hand with Containment). Most (all) other security solutions do not provide such a blanket protection.

(For any that would like to verify for themselves, let's consider a (very) simple loop script- one which will do nothing but open up a cascading series of Calculators:

ECHO off
:top
START %SystemRoot%\system32\calc.exe
GOTO top

Paste the above into notepad, and save as calc.bat

You can run it safely and see what gets plopped into Containment- flush Containment, and all is back to normal. You can try this also with your regular AV and see what happens).

2). In addition to fileless malware, Comodo will also protect quite well against things that malware authors use as replacements for Scripts- certutil, MpCmdRun, and BTSAdmin. Also it will stop very nasty things like malware utilizing Schtasks. I did a number of videos using malware coded around this to show how inadequate popular security products were at providing Boot Time protection.

In short, if you would like to be confident about being protected for malware, use Comodo. If you would rather worry, use something else.

M

[Melih]

Hey Guys,

Yep, been busy building few other companies

Its a marketing message..
I explain it full detail with how we virtualize the "write privileges" in the video in the post. So we have the video if you want to get more technical or a banner thingy for more of a marketing spiel with relevant context for whats happening in the world today.

btw: if you guys are into Home Automation and want a free home automation controller go ahead and sign up there and tell them I sent you guys there
https://community.getvera.com/t/ezlo-controllers-beta-enrollment-starts-now/213274/147

[megaherz33]

Hello,Melih!
Glad you return to the official forum.
Are you planning to introduce Valkyrie in the CIS, or at least in the CCE?

[NDABBRU]

(For any that would like to verify for themselves, let's consider a (very) simple loop script- one which will do nothing but open up a cascading series of Calculators:

[at]ECHO off
:top
START %SystemRoot%\system32\calc.exe
GOTO top

Paste the above into notepad, and save as calc.bat

You can run it safely and see what gets plopped into Containment- flush Containment, and all is back to normal. You can try this also with your regular AV and see what happens).

Hi cruelsister,
I tried to run the calc.bat script:
On a PC with Kaspersky Security Cloud Free and on a PC with Norton Security, in both cases the antiviruses seem to do nothing with any popup and only the DOS prompt screen appears with the script running but only a screen opens. explore resources. To stop it I manually close the DOS prompt.
On a PC with CIS the DOS screen opens with the script running and the CIS containment pop-up appears and repeated screens of resource explorers continue to open, bordered in green as they are in the container. Only with the zeroing of the container from the CIS console it stops and restores everything.

Why is the behavior different and in other cases always being less annoying but perhaps more dangerous (in the case of real malware) as it is not contained?

Thanks.

[liosant]

[at]ECHO off
:top
START %SystemRoot%\system32\calc.exe
GOTO top

Paste the above into notepad, and save as calc.bat

comodo internet security protected with containment
https://www.youtube.com/watch?v=OhueiPS8YVo (if malware exploit cmd, poweshell...)