Author Topic: More protection from SAP w/o loss of convenience? I'll tell'ya how!  (Read 25299 times)

Offline GrDukeMalden

  • Newbie
  • *
  • Posts: 33
  • Kudos +3/-1
SAP should have a feature in the the same menu where the list of trusted certificates is to disable automatic cloud lookup of the whitelist. 

What am I talking about? There was a video made by a youtube user going by the name of Cruelsister1 who mostly does comodo demos, but one video they made a long time ago got me thinking.
https://www.youtube.com/watch?v=TetSy5vn7_M

Comodo, to allow users to mitigate the threat of accidental malware entries to their whitelist, allows their users to disable cloud lookup of files. Another way this can be made even more secure is to remove unnecessary names from the trusted vendor list to only ever allow software to run if it has a valid and verified digital signature from a company that makes things you use.

SecureAPlus should have the same feature. To disable cloud lookup of the whitelist, but not the UAV or APEX And then the user could use the existing functions already in SAP to remove vendor names that aren't associated with software they actively use.

This way, they can still update all of the applications they actively use and install other products made by the same people, but now you have an Anti-EXE type deal that allows the user to prevent all unwanted software from being installed. Safe? malicious? unknown? Doesn't matter. Only allow software from vendors you already trust to run.

With a feature like this, unknown files would still get uploaded as that function would still be controlled by the buttons and switches that it's currently controlled by. Known malware would still get detected, because cloud lookup of the blacklists would still be happening.

VPN(Paid)
VoodooSheild(Paid)
SecureAPlus(Paid,Pro)
SandboxiePlus (By Xanasoft)
I fiddle with whitelisting software.

Offline Clem

  • SecureAPlus Helpdesk Engineer
  • Jr. Member
  • *
  • Posts: 52
  • Kudos +0/-0
Re: More protection from SAP w/o loss of convenience? I'll tell'ya how!
« Reply #1 on: December 22, 2020, 01:15:05 PM »
Hi, thank you for the valuable feedback, we will let the relevant teams know of this :)

Offline GrDukeMalden

  • Newbie
  • *
  • Posts: 33
  • Kudos +3/-1
Re: More protection from SAP w/o loss of convenience? I'll tell'ya how!
« Reply #2 on: December 23, 2020, 01:06:36 AM »
Being able to auto-purge unnecessary entries from the trusted certificate list would also be helpful.

Any certificate that isn't seen on a file currently on your computer. one button press and all certificates not seen in the locally stored whitelist from the initial full scan and all further full scans are gone, just like that.
VPN(Paid)
VoodooSheild(Paid)
SecureAPlus(Paid,Pro)
SandboxiePlus (By Xanasoft)
I fiddle with whitelisting software.