Another HIPS test

Another HIPS test by Anti-Malware.ru

Products which have been tested:

PC Tools Firewall Plus 5.0.0.38
Jetico Personal Firewall 2.0.2.8.2327
Online Armor Personal Firewall Premium 3.0.0.190
Kaspersky Internet Security 8.0.0.506
Agnitum Outpost Security Suite 6.5.3 (2518.381.0686)
Comodo Internet Security 3.8.65951.477

more:
http://www.anti-malware.ru/hips_test_ring0

translated version (google): Comparison of HIPS antivirus products for preventing penetration into the Microsoft Windows kernel


If I understood the translated results well enough, the top 3 winners were Online Armor, Comodo, and Kaspersky. Woot for Comodo.

The only negative comment they had to offer was that Comodo and Online Armor were rather noisy with pop-ups. In version 3.5 I could see this, but nowadays my Defense+ rarely pops up. Hmm, what are your opinions? Does Comodo still plan to expand the black/white list in future releases?

In the end Comodo still has my ultimate trust for layered security.

COMODO and OA were the only two to stop all the RING0 penetrations they tested! If I understood it correctly? =)
If so GJ comodo! :-TU :-TU

And cool site (I love test sites) ;D :slight_smile: too bad it's not in English =(…

They are working on reducing popups all the time… Melih promises version 4 will do great stuff on the usability… Version 3.9 is less noisy than version 3.8 as well… at least IMO… =)

As for unknown baddies, the HIPS will always be poppy, as it was in this test… That's the expected behavior, and how CIS treats unknown files (at least for now)… I like it that way… Deny and ask… =)

This site has an English version also: http://www.anti-malware-test.com/

The only drawback is that the English version is secondary, and test reports are published in Russian first and in English after some time.

Very good!

Well said! Because of this I suggested a new feature in Firewall/Defense+ alerts. An option where the user could Terminate this process and Block (for a malicious app, the user didn’t need to block every behaviour, he/she could simply Terminate and Block it) / Reverse its actions (LaserWraith/Jeremy idea). See the topic below: https://forums.comodo.com/usability_study/cis_d_fw_alerts-t37493.0.html

Notice that Online Armor scored as high as Comodo, but Comodo is FREE and the Online Armor that was tested and passed cost $40. LOL.

The Anti-Malware.ru team recently tested a number of HIPS products against real malware that infects at the Ring 0 level, CIS 3.8 did rather well.

The results did show a high number of pop-up alerts in order to block these threats, so it would be interesting to see how 3.9 performs with its reduced alert architecture.

I beat you to the punch.

https://forums.comodo.com/general_discussion_off_topic_anything_and_everything/hips_test_by_antimalwareru-t38735.0.html;msg279760#new

First. :wink:

LOL…

Dang, now I’ve got to start merging threads and my dinner is on the table lol.

Update: now merged, dinner cold. :frowning: