How good is Comodo

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
#1

Does Comodo performing 100 % on the things below:

The 15 test scenarios used in this test are very briefly described below:

This threat is introduced via Spearphishing Link. A malicious binary executes x86 shellcode to open a meterpreter C2 channel via http.
This threat is introduced via Spearphishing Link. A malicious JavaScript file executes x64 shellcode to open a meterpreter C2 channel via http.
This threat is introduced via Spearphishing Link. A malicious obfuscated JavaScript injects x64 shellcode into an Office process to open a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious HTA file opens a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious PowerShell command with some defense evasion capabilities opens a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious Batch file opens an Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious, obfuscated binary with some defense evasion capabilities and file extension spoofing, opens a PowerShell Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious CPL file executes a PowerShell payload, which opens an Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious XSL file is executed via WMI, which opens an obfuscated Empire C2 channel via http using a non-standard port.
This threat is introduced via Spearphishing Attachment. A malicious binary with a spoofed file extension executes an Empire payload to open an Empire C2 channel via http using a non-standard port.
This threat is introduced via Spearphishing Attachment. A malicious JavaScript file with some defense evasion capabilities enables to execute malicious code via the control panel application, and opens a C2 channel to a commercial C2 framework via https.
This threat is introduced via Spearphishing Attachment. A malicious binary with some defense evasion capabilities opens a C2 channel to a commercial C2 framework via https.
This threat is introduced via Removable Media. A malicious DLL opens a C2 channel via https to a commercial C2 framework.
This threat is introduced via Removable Media. A malicious binary with advanced defense evasion capabilities opens a C2 channel via https to a commercial C2 framework.
This threat is introduced via Removable Media. A malicious office document injects into another user-space process and opens a C2 channel to a commercial C2 framework via https.

Does Comodo protect us against these nasty attack methods?

1 Like
#2

In the above scenarios Comodo responds:

  • If automatic confinement is activated, all executable files whose signature is not recognized triggers the sandbox and places them in isolation (C:\VTRoot)
  • Depending on the configuration of CIS and the computer knowledge of the user, Comodo will request actions to be carried out
  • For the average user Comodo installed by default will isolate actions from binary files as well as java scripts

The only problem being the user’s knowledge of the actions to be carried out (pop-pup)

#3

Yes Comodo does but i was shocked how other Internet security Suites are performing and they claim 100 % security not.

#4

The worst IT protection is the user
The best protection is pencil with paper

#5

Hi ZorKas,

Thank you so much for supporting.

Thanks
C.O.M.O.D.O RT