Collaboration with other security vendors

Do the developers at Comodo ever collaborate with developers at other security companies when designing the next generation product?

The reason I ask is that the next version of Comodo Pro firewall is going to be fairly comprehensive. I am guessign that having full hips will cause it to conflict with many other security applications. For example, use another free product called Spyware Terninator. My guess is that when the ext version of Comodo is released, I may be forced to choose which of these free application to use. Or, I may have to choose not to upgrade to the most recent version if I want to use both.

Of course, with all that Comodo plans to cover in the next version of the Firewall, the only compliment needed to Comodo might be a good AV and a good spyware scan engine as a backup.

Just curious as I actually really like both of these applications.

We don’t do collobration as such, however, we do extensively test with other popular products.

Comodo AV is improving day by day :wink:


When the time is right, Comodo AV will be on my PC. As of today, my standards are:

  1. Must pass VB 100
  2. Must do well on the AV-Comparatives tests
  3. Must be moderate to low in terms of resource usage

For now, I do not believe that Comodo AV satisfies those requirements. But when it does, I will certainly try it out!

what is more important for you

“how well this AV protects me from all malware”


“how many % of the viruses it detects?”


Prevention is definitely more important than detection, though both are important as no software can prevent them all. Once they make it on to the system, it is not only imporant to detect them but also important to be able to remove them.

But I I definitely see and agree with your point. An ounce of prevention is worth a pound of cure.

yep agreed!

you can’t avoid all 3


any security system must have all 3 components
however, today the first line of defense is detection, which I think is wrong.
it has to be prevention. and of course detection as a secondary defense.

you see, there are X many malware out there, and there are Y many signatures for them. with HIPS, we simply Prevent them all and prevent any new ones too on top. So far, we haven’t seen any that could penetrate our HIPS (not saying its impossible… just saying the malware we have seen couldn’t do it). What that means is CAVS v2 can protect a user much better than any other AV in the market place that uses detection as their only means. Just that, the techniques have evolved and now there is a new weapon in the arsenal against fighting malware…


Your approach makes complete sense to me.


  1. How is resource usage with CAV2? and
  2. How about number of alerts and popups? Most any HIPS will protect the end user IF the end user makes the right decision. However, as seen time and time again, the end user isn’t going to make the right decision more often than not. That was the concept behind PREVX1 (a paid security application that I have heard many great things about, but never tried).

The whitelist approach

Well if your prevention is that good it means its the best out there?

So all it needs is the best detection and removal and thats kaspersky for u ? so u copuld also use the kaspersky engine with there signature? and then Comodo Antivirus will surely be the best antivirus out there for prevention and detection plus removal.

BTW is the HIPS in the Comodo Antivirus the same as in the Comodo firewall? so Comodo firewall will prevent malaware as good as the Comodo antivirus?

Yes indeed, the Whitelist approach.

Hopefully, users will seldom be subjected to a pop up asking for a response as the whitelist will be a comprehensive list of safe files. When a pop up does occur it will be an unusual event and, as such, the user should be inclined to read through and hopefully make the right decision.
I anticipate that most pop ups will actually be a sign of something undesirable and, due to the scarce nature of these pop ups, the user will respond accordingly assuming there is malware on the loose. If anything denied at this stage found to be safe at a later time then the block rule can easily be reversed.


The HIPS in CAVS is an application-based whitelist (which is growing every day…).

The HIPS for CFP will not only have the whitelist with cryptographic signatures to prevent “spoofing” and help the HIPS not to be too “noisy” (which would require user interaction) but a full behavior analysis as well. Plus possibly even more… What I know, I know from Melih’s comments in the forums. Obviously, he’s not going to let the cat out of the bag, so there may not be more details forthcoming until it hits the Beta street…


  1. CAV2 resource usage has been reduced from CAV1.1. and we continue to make improvements.

  2. The key is having a huge safelist of applications so that we don’t bother users asking them if its ok to allow or deny. We have such safelist and we are adding over 2000 new files to it everyday! The issue with other hips products in the market place is that they don’t have a Safelist checked and certified by a respecte Certification Authority like Comodo… we do! :slight_smile:


so the HIPS in Comodo firewall is better than in Comodo antivirus?

  1. Will the HIPS in Comodo firewall have signature updates? to prevent the latest malware?

like the antivirus?

also wat can comodo do about the detection and removel of comodo antivirus? buy another antivirus scan engine? with there signatures?

HIPS in the firewall will be HIPS on steroids :slight_smile: . It will be a full HIPS plus :slight_smile: compared to application HIPS for AV…

our detection rate should get respectable by april.