Virus protection vs Virus cleaning - two very different things.....

go ahead and watch and let us know what you think pls…


“We have redefined the security model…”

There’s nothing new here. Both cleaning and protection are an important part of any security model. Even if hypothetically CIS (or any other product) offered 100% protection, most users would not be prepared to reinstall their OS, which gives rise to the demand of a cleaning tool.

Whether you integrate that cleaning tool into your main product or separate it does not affect the fact that there is an underlying demand for both. The only real valid argument you can make for separating the two is efficiency gains (an argument which you don’t make) - by having two different programs, it is possible for the end user to use less of their computer’s resources.

There is no “discovery” going on here- most of AV leaders incorporate both elements in their products. Rather than underlining trivial definitional differences, I’m sure the creator of the video could have found a much better use for his time,

On a positive note, despite the poor content, the quality of the animation was very good.

Very informative video.
Very much enjoyed.
I have both products.So good to go.
By the way who was the artist.??
Very impressive artwork.
Thank you.

Interesting Video;

I must say that there was always a need for an easy method of cleaning and preventing infections that are present in a machine; there werenmethods; but now there is methods that my grandma can use :smiley: (thanks to Comodo)

There is a move of disturbance in the force :slight_smile: I think it’s called ‘wishing you innovated this’ feeling from other AV/Desktop Security Companies >:-D >:-D

Great Vid!

I must note that Comodo goes through troubles like every other company but the difference is support and feedback from both sides of the party (end-users - Comodo devs/staff) Comodo isn’t perfect either; but it’s just a fermi away of being perfect :slight_smile:

Looking at it from a different perspective,

CAVS is only a child; (Literally below 9- Years Old) it has now 7.25 Million Signatures in a 130MB Database;
CIS is only a infant; it has over 10M some odd installations :
CIS is a leader of malware prevention; My opinion
CIS does have barely to none flaws (I do realize that the current issue is the whole ‘tvl’ situation but I believe they will be solved less then a month) …
Comodo does have a rather small ‘discontinuance’ of their new products
Some discontinued products are now slipstream/intergrated into CIS or CTM or CPM

I really like this video.

Great drawer, your voice is so cool.

Nice one Melih! :-TU
I like the drawings, did you do all of them? ;D
I completely agree with you, don’t hire a detective to do a policemen’s job. (And vice-versa)

Easy to understand presentation ;D

However Prevention is better than cure. But in reality it’s hard for most user to understand how defense system works and configure it.

Great animations, reminds me of RSA Animate (although I don’t know what the technique is called).

I too have a problem with this statement. I’m not a “computer security” expert (in terms of the so-called “security industry”), but in the field of programming, there really is no such thing as prevention/cleaning. Either your security mechanisms are 100% in theory (as in, in-theory > in-practice), or it’s worthless. Cleaning obviously isn’t 100%, so it fails.

Maybe you’re claiming that D+ is an early prevention-based product? (I don’t know much about the history of such products.)

We have re-defined Security…let me explain…

The reason why we can now talk about Protection being different than Cleaning is because we are the guys who created a new architecture with “Default Deny architecture with Automatic Sandboxing”. This did redefine the way end users protect themselves compared to legacy AV products.

hope this clarifies.


I really not sure if D+ was one of the first prevention-based products… And we’ve already discussed “Default Deny”. It’s called the principle of least privilege, which has been around for a very, very long time. I’m just saying, maybe you should make it clearer that you’re only talking about the “security industry” here, because these principles are quite old in programming.


mp3 was nothing new…but apple with Ipod and ability to purchase MP3 has redefined the way that industry provisioned.

So when I say we re-defined …it means we have re-defined the way end users protect themselves. We are not claiming to have invented a new Theory…however we are claiming that we DID invent the first “Default Deny architecture with Automatic Sandboxing” which is pretty important advancement in the world of security!


No, the reason why you can talk about prevention being different from cleaning is because a very long time ago (way before Comodo), default deny architecture was invented. Your automatic sandboxing has nothing to do with the definitional separating of Prevention from Cleaning.

You haven’t redefined anything - the video itself has nothing to do with automatic sandboxing, and parades Comodo as though you’ve discovered the Protection vs Cleaning model.

You haven’t. This is just a heavily obfuscated marketing ploy.

If you want to hear constructive criticism, you should really remove the video, and explain why automatic sandboxing is beneficial (By the way, whether automatic sandboxing with default deny is “a pretty important advancement in the world of security” will be determined only by time).

Cheap sensationalist marketing might work with less informed users, but looks absurd to anyone who understands the field (eg. potential contracters).

To be fair, Melih did say " “Default Deny architecture with Automatic Sandboxing” (my emphasis), not “Default Deny architecture” and then “Automatic Sandboxing” as a separate entity.

He is extolling the virtues of combining a default deny architecture (which has been around for years) with automatic sandboxing (similarly aged). While both “default deny” and “sandbox” have been around for a while, combining them into a unified strategy to insulate the user from the bulk of risk is new.

Ewen :slight_smile:

Ewen - I understand completely what you (and Melih) are trying to say - the fact that automatic sandboxing and default deny is a new concept.

However, this is not what this video was about. This video was trying to say that Comodo has redefined the security model by separating prevention from cleaning. This is not the case, hence wj32 claiming that the video is confusing, and myself taking the more cynical view that it is obfuscating.

This is exactly what my (constructive) feedback is about. Talk about why automatic sandboxing with default deny is good. Don’t just whip out sensationalist, misleading marketing.

Because we “redefined” the way end users can protect themselves, there is no need to put cleaning+protection into same package.

If we hadn’t redefined the security architecture, then we would be doing what other AV’s are and offer cleaning with Protection.

Hope this clarifies.


Once again, YOU did not make any redefinition that eliminated the need to put cleaning and protection in the same package. This was done YEARS AGO, via default deny, and not definitely not by you. You could have chosen default deny, and still been able to separate the two.

There is no redefinition here that hasn’t already been made. The only thing Comodo has done that is new is default deny plus sandbox. But that is NOT the topic of this video, this video is obfuscated marketing that implies Comodo have reinvented the security model by separating cleaning and protection. This is simply not the case.

Once again: “Default Deny with Automatic Sandboxing” is the key that enables a security model that is usable and acceptable by the masses. And that is the “redefinition”. “default deny” on its own is not a mass market product hence cannot redefine the security model for end users. However “Default deny with Automatic Sandboxing” is a mass market product imo.

And because this “redefinition” (Default Deny with Automatic Sandboxing) has a different way of protecting, it doesn’t need the cleaning part of the software to be present.



I agree with what you wrote.

However, what you just wrote is not what is in the video. This is why it’s obfuscating - the video implies a direct link between Comodo “redefining” security modelling and this leading to separation between protection and cleaning. That separation is independent of Comodo’s “redefinition”, and has been around for a long time.

You need to explain what you just said to me (which makes sense) in the video (which currently is severely obfuscated), otherwise it’s misinforming marketing.

As a conceptual aside, you should know that it’s very likely that default deny will be the security model used by the masses in the reasonably near future, as computing power increases, and statistical analysis models (such as those used by military) get incorporated into home products.

I have to respectfully disagree with that statement and here is my reasoning.
The main stream testing organisation, AV companies, editors and so on all “judge” the product with both capabilities (eg: protection and cleaning). So the main stream has “defined” the model to be both in one. Thanks to “Default Deny with Auto Sandboxing” we can “redefine” the security model. So there is a direct link with Comodo making it happen with “Default Deny architecture with Auto Sandboxing” and cleaning and protection being treated differently. Why? because the model of protection has now changed from using a “cleaning” product for protection to using a “default deny architecture with auto sandboxing” product for protection. So you no longer are using a “cleaning” product for protection.


I believe that the video was trying to show that placing the higher emphasis on protection, as opposed to cleaning, is different (and, some may say, “new”). While other security product are adding protection mechanisms, Comodo are saying the CIS is the first security product that was built from day 1 with a focus on protection, whereas the others are cleaning focussed with protection components added on.

Ewen :slight_smile: