Customisable Settings

A2J
A2J Posts: 7 Observer

SAFE, the product which I am currently using, is phenomenol but it does not offer much customsiation in the settings (for example, you can not set anti-virus or DeepGuards's behaviour to aggreesive). I understand that F-Secure's products are targeted towards novice users but there ought to be some customisable seetings for the advanced users. Prior to using SAFE I was with a very well-known AV vendor and the software of the well-known was highly customisable, which I liked as advanced users could tailor the product to their liking.

 

 
0
0 votes

Declined · Last Updated

Comments

  • Ukko
    Ukko Posts: 3,770 Superuser

    Hello,

     

    Sorry for my reply. I'm also only F-Secure user (their home solutions).

    I able to feel reason of this feature request (and potential good points of such feature) - but just interesting about your opinion/view:

     

    -- what result should be there with such feature?

     

    For example, current design of F-Secure security solutions is to protect, remove/block any known malicious and harmful items (or potentially dangerous; with clear abilities to harm user's system); also to block/prompt about PUA/PUPs (based on their policy).

    With potential 'view of design' -> block/remove only indeed harmful/malicious items.

     

    With your noted tweak -> what kind of software should be detected?!

    Or should be visible all 'currently' background-work of F-Secure and ask user about decision?

     

    Or something as F-Secure XFENCE for Mac-platform: https://campaigns.f-secure.com/xfence/

    (while... I able to think that XFENCE sounds as classic Application control).

     

    Thanks!

     

    // also I think that F-Secure is pretty customisable (but not by default or with unexpected result).

  • A2J
    A2J Posts: 7 Observer

    Hello Ukko, SAFE is phenomenel as it currently is but a change in settings would mean that DeepGuard (the behaviour blocker) will be more reactive due to one changing the settings to aggressive, as well as mitigating any infection by unknown malware. Further to your point, newly created malware which have no known signatures may be hard to detect by the behaviour blocker so thus one tweaking the setting to aggressive will imprve the chances of the behaviour blocker mitigating an infection. One example is DUQU.2.0, the malware that struck Kaspersky Lab. They did not know about the infection until the malware was harvesting data and the malware was not known to KSN or to their signatre databse, so one changing the settings to aggressive will maje the behviour blocker more reactive and thus mitigate an infection.

  • Ukko
    Ukko Posts: 3,770 Superuser

    Hello,

     

    Yes, clear points.

     

    But I able to suspect that F-Secure analysts (or DeepGuard team) with feelings like "tweak DeepGuard to protect against exploiting steps" (if something is not exploiting -> they do not tweak anything).

    For example, DeepGuard able to detect something based on certain flow/background (and do not detect this 'something' with another flow). It can be useful for both of meanings -> protect against unknown malware; and reduce false-positive.

     

    With another meanings -> pretty reasonable to use things like DeepGuard (and not only signature-based or so) - but if 'settings with aggressive-mode' will increase only abilities to detect malware (and do not increase false positive; or more user's interaction) -> it should be enabled by default as normal mode.

    Also... I'm not sure but maybe business solutions with certain tweaks about such field - where indeed can be more often requirements with tight analyzing each action.

     

    My own feelings -> that F-Secure solutions should be with tweaks about protection against exploiting and using valid good software, applications or system's methods. Even F-Secure with abilities to protect against it (already) - but I feel that it's not enough 'level'. And quite possible to tweak it or even introduce something as advanced mode (which possible turn ON or turn OFF) - where will be covered such points - which can be rare for user's system.

     

    I just think that 'aggressive mode' (switch settings to aggressive) is unclear. What should be detected or how. For example, why some items was not detected with normal mode?! Maybe it should be detected with normal mode?

    Or, for example, does it will be with autodecision or user has to decide.. and so on.

     

    Thanks!

  • Cale
    Cale Posts: 294 F-Secure Product Manager

    Hi,

    DeepGuard detects behavior by certain rules that cannot be adjusted on the fly.

    -Cale

Feedback on New Design