Can the Intel TDT technology detect registry-based malware attacks?

1 Like

Yes, Intel Threat Detection Technology (TDT) integrated into COMODO Internet Security can detect various types of malware attacks, including registry-based ones. Intel TDT uses hardware telemetry and real-time behavioral detections to identify threats such as fileless malware, cryptomining, polymorphic malware, and ransomware.

This technology works directly on the CPU, below the operating system, allowing for faster and more effective threat detection. When a threat is detected, TDT sends alerts to integrated security solutions, such as COMODO Internet Security, so they can take appropriate action.

TDT in CIS is currently capable of detecting cryptolockers only.

1 Like

It can detect ransomware, trojans, unknown malware, etc., not only cryptolockers.

1 Like

More about Intel TDT and what it does in this Microsoft article: Intel Threat Detection Technology

2 Likes

Intel TDT is not a silver bullet; its applicability is limited to specific malware behavior. It is based on monitoring for specific computational patterns during code execution with the processor’s PMU and ML on Intel Graphics (that’s why processors without integrated graphics are not supported).
Accelerated memory scanning is not yet implemented in CIS as far as I know.

1 Like

That’s a letdown. Is that really accurate information, or rather based on wild guesses? Can any staff members come out to clarify whether the TDT technology detects malware beyond cryptolockers?

1 Like

Gene more than likely made that conclusion based on performing tests against it. Comodo will not tell you how it is implemented in its current form other than basic PR and marketing statements. If you want to know for yourself, you are going to have to test it with various types of malware yourself.

1 Like

My guess right now is that it’s also possible that both New_Style_xd and Nik123 did their tests as well and the discrepancy between their results and those of Gene’s might be easily explained by the possibility that they have different computer specs to each other and therefore the TDT might work out differently in them.

The best way to find out is to have the Austria-based AV-TEST or the like run multiple meticulous tests on Comodo’s TDT.

1 Like

COMODO no longer performs antivirus testing on AV-TEST; there is a post here on the forum explaining this problem between the two companies. If anyone knows of this link, they could post it here.