I was wondering on how Comodo’s IMA will work in the new version 4 of your Internet Security software.
To me, it looks like a virtual BB - from the results shown when using the online version.
How will CIMA work in CIS 4?
How effective will it be?
Will it be running on-access?
Is there any other useful information about CIMA?
I was wondering about that too. What’s the latest and greatest on CIMA based heuristics for v4?
AFAIK, CIMA will act as another form of heuristic with behavior blocker in CIS v4; So you will have AV Heuristics and Behavior Blocker + CIMA working together on that side. Not 100% sure, Hopefully Melih can explain a bit more.
Well I wonder…
I’d supposed that, in the CIS CIMA module, Comodo would put algorithms that take too long to be executed in real time or during a comprehensive scan.
So maybe CIS will put up an alert re some suspect behavoir, and offer the opportunity to perform further more thorough analysis (& give technical feedback) to inform your allow/not decision. In this way CIMA would enter the decision-making process at much the same point as either 1) Threatcast and/or 2) “my pending files” examination. I guess if it enters at the threatcast point, it would improve the quality of threatcast scores. (Threatcast could even weight more highly allow/deny decisions made by people who had run CIMA on a file).
Probably a long way from the truth…