How good is Comodo

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
1

Does Comodo performing 100 % on the things below:

The 15 test scenarios used in this test are very briefly described below:

This threat is introduced via Spearphishing Link. A malicious binary executes x86 shellcode to open a meterpreter C2 channel via http.
This threat is introduced via Spearphishing Link. A malicious JavaScript file executes x64 shellcode to open a meterpreter C2 channel via http.
This threat is introduced via Spearphishing Link. A malicious obfuscated JavaScript injects x64 shellcode into an Office process to open a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious HTA file opens a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious PowerShell command with some defense evasion capabilities opens a meterpreter C2 channel via http.
This threat is introduced via Valid Accounts. A malicious Batch file opens an Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious, obfuscated binary with some defense evasion capabilities and file extension spoofing, opens a PowerShell Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious CPL file executes a PowerShell payload, which opens an Empire C2 channel via http using a non-standard port.
This threat is introduced via Trusted Relationship. A malicious XSL file is executed via WMI, which opens an obfuscated Empire C2 channel via http using a non-standard port.
This threat is introduced via Spearphishing Attachment. A malicious binary with a spoofed file extension executes an Empire payload to open an Empire C2 channel via http using a non-standard port.
This threat is introduced via Spearphishing Attachment. A malicious JavaScript file with some defense evasion capabilities enables to execute malicious code via the control panel application, and opens a C2 channel to a commercial C2 framework via https.
This threat is introduced via Spearphishing Attachment. A malicious binary with some defense evasion capabilities opens a C2 channel to a commercial C2 framework via https.
This threat is introduced via Removable Media. A malicious DLL opens a C2 channel via https to a commercial C2 framework.
This threat is introduced via Removable Media. A malicious binary with advanced defense evasion capabilities opens a C2 channel via https to a commercial C2 framework.
This threat is introduced via Removable Media. A malicious office document injects into another user-space process and opens a C2 channel to a commercial C2 framework via https.

Does Comodo protect us against these nasty attack methods?

1 Like
2

In the above scenarios Comodo responds:

  • If automatic confinement is activated, all executable files whose signature is not recognized triggers the sandbox and places them in isolation (C:\VTRoot)
  • Depending on the configuration of CIS and the computer knowledge of the user, Comodo will request actions to be carried out
  • For the average user Comodo installed by default will isolate actions from binary files as well as java scripts

https://zupimages.net/up/23/01/xl9k.jpg

The only problem being the user’s knowledge of the actions to be carried out (pop-pup)

3

Yes Comodo does but i was shocked how other Internet security Suites are performing and they claim 100 % security not.

4

The worst IT protection is the user
The best protection is pencil with paper

5

Hi ZorKas,

Thank you so much for supporting.

Thanks
C.O.M.O.D.O RT