1. What actually happened or you saw:
HIPS does not monitor applications virtualized by Auto-Sandbox or manual Sandbox.
2. What you wanted to happen or see:
I wanted HIPS to monitor applications virtualized by Auto-Sandbox and manual Sandbox.
3. Why you think it is desirable:
Because it gives more control to users about what an application is doing inside the Virtualized Sandbox. I want to use CIS with a layered security approach, I want CIS to virtualize unknown applications AND keep monitoring them with HIPS, not to choose between HIPS or virtualization. CIS modules should work alongside each other, providing layered security against malware. CIS modules should work “as a team”, since they are integrated in the same suite. Currently CIS Auto-Sandbox and HIPS does not work completely together and almost fight each other as if they were not from the same security package.
4. Any other information:
If Viruscope can monitor virtualized applications, why can’t HIPS monitor them too? That way it is even more layered security, people will have virtualization, Viruscope and HIPS working together as a team.