Containment is the New Antivirus

Containment is the New Antivirus


Uhm… OK.


Where can we look it up?

Kind of. Only when we’re talking about prevention though.

What’s new in 8.2?


New engine

New engine = Improved Sandbox

Surely you mean anti-malware and not just anti-virus? A sandbox should trap every kind of malware shouldn’t it?


I see the point on it but what happens when we have a great security software that contains everything but do not clean anything? will we contaminate everybody when sending then files from mail, pendrive, etc?

the antivirus can contain the viruses but if it not clean the files, then the viruses will keep disseminating and making the computer a blootware house. am i right?

I guess you should put some effort on the “cleaning” side of things too…

I see, product quality will worsen.

If the malware is contained (sandboxed) how will it continue disseminating?

If the sandbox is cleared, how will it bloat the computer?

Ewen :slight_smile:

Comodo doesn’t automatically clear the sandbox. What yro is saying is true, for compatibility reasons, CIS by default allows sandboxed programs to auto start, so they could eventually slow down the pc from the sandbox, or atleast take up space.

From the above posts it hard to discern what the hell your talking about specially.

I now discern. :slight_smile:

Add a Link in your description please Melih. - None of that I’m the CEO talk.

Point taken - an option to automatically clear the sandbox on 1) session end, 2) system startup or on a scheduled internal would be handy.

Ewen :slight_smile:

Perhaps i meant it that way? In order to create intrigue and cause discussion?

I saw the video of the site and I liked it, I find it very interesting, but I also think that the malware signatures should be slightly improved …

doesnt matter if CIS can handle all kind of unknow files if it can not clean these files.

the files will be automaticaly sandboxed but they will keep bloating the system itself. if the file is unknow comodo wil not block or remove or quarentene it, comodo will sandbox it. Just it. This is great but the file, if it was a malware, will keep on the computer. If we run the file, cis will sandbox it, but if we just copy this file to a pendrive, external drive, cd, dvd, e-mail, network, etc., the file will be propagated and cis will do nothing because the file was not executed.

thats my point.

the hability to automatic clean the sandbox was commented by myself and other users and a request was already mae but until now no words from comodo about that. but even with this option, this will not solve the problematic that I wrote here.

This is enterprise security solution but we already have these great protections in CIS.
I hope you will get more money Melih :-TU :love:

Except it’s not only malware that currently goes to sandbox, and you’ll loose it along with malware when sandbox is cleared.

I disagree. The point of anti-malware software is to prevent malware infecting the (real) machine, and containment does that very effectively for all malware. As long as the files stay in the Sandbox (and that’s down to you) they do not require cleaning. In any case there will be no way to clean zero-day malware. If you copy a file directly from the Sandbox to a pendrive or email and thus spread the malware that’s frankly your problem, in doing this you will be directly and deliberately violating the whole point of the Sandbox.

There is no such thing as a free lunch, the job of the Sandbox is to contain malware so that the real machine is not infected (and the malware is not spread). Thus everything in the Sandbox must be considered volatile, so clearing the Sandbox should not remove anything you need to keep, this just requires proper management of the Sandbox.