Now that CIS has sandboxie and it is in the cloud i don’t think d+ serves a point anymore. Sure it will block things before the system gets infected and will alert the users. But the sandbox does the same thing so why keep +d added into CIS sandbox is everything now.
Take d+ out of CIS and just use sandbox.
I don’t think that is possible. Read the following about the sandboxing process:
In addition to the Sandbox restriction level set for an application, Defense + also implements the following restrictions. A sandboxed application cannot:
Access non-sandboxed applications in memory
Access protected COM interfaces
Key log or screen capture
Set windows hooks
Modify protected registry keys (if virtualization is enabled)
Modify EXISTING protected file (if virtualization is enabled).
I would probably find something else if CIS ditched its HIPS.
Comodo’s sandbox, at least the automatic one, is essentially Defense+ automated. Some things are allowed and some are, by default, denied.
Take into consideration those who don’t use the Sandbox…
I will add that, the strong point of CIS is D+ and all the features that complement it, but i will dare to say that most importantly is D+.
But if you’re asking for something like an option to just install the sandbox its all fine and dandy ;D
+1 totally agree :-TU
I think that Comodo should develop a sandbox without D+. The sandbox should focus on running web browsers in a virtual environment, e.g., Sandboxie and BufferZone. Files and registry keys should be virtualized, sandboxed applications should not be able to see non-sandboxed applications, a red border should be drawn around sandboxed applications, and there should be a button to empty the sandbox. D+ in its current incarnation is flawed because of its reliance on the TVL. Comodo should view web browsers as threat gates, thereby treating anything downloaded via the web browser as untrusted.
Though a web browser may be the main threat for most users, there are others. Torrent downloaders, CDs/DVDs, email clients, USB drives/hard drives, etc.
things can get out of a sandbox though it’s very hard and very unlikely but if you give malware developers an inch to get into someones system then they will get in. they are like roaches. d+ helps keep them out from the begging. d+ is prevention, sandbox is like automatic background check before allowing a something in your computer. av is the last for if something gets through that sandbox, and d+ missed. once detection is added then av will try and get it off. i think all parts of cis serve a valid function in keeping a computer clean