Reply To: VoodooShield 5.70

Forums VoodooShield Support Forum VoodooShield Releases VoodooShield 5.70 Reply To: VoodooShield 5.70


    Tarnak: I have noticed that CPU usage in 5.97a beta keeps fluctuating from low 2% to 17%, i.e. unstable it seems  to me.

    TH was close ;). Let me guess… the peak happens exactly every 5 seconds? This is a result of the new feature that auto detects apps that connect to the internet, and I am still optimizing it to capture as many apps as possible while limiting cpu utilization as much as possible. I am shocked that your baseline cpu utilization is 2% and that it peaks at 17%. You must have an older cpu, or must be still running way too many apps ;).

    Thank you guys for letting me know that VS 6 is doing well. I am sooooooooooo excited for you guys to see the next version, and it will be ready soon, hopefully before the weekend. Basically, you know how VS’s prompts have always been quite confusing? And as you guys know, I have been talking about replacing VT with WLC for quite sometime, mainly because WLC just makes a heck of a lot more sense to be combined with VS than VT. VT worked great with VS when signatures were significant and useful. It was also great with VS for a couple of years there when the ML/Ai engines did the heavy lifting, but now that malcoders are having their way with them, we needed to find a better way. And that was how over a year ago I came up with the idea for WLC. I somehow realized… VT is looking for malicious files. VS is much more concerned with clean files, and should be looking for clean files. Then one thing led to another, and WLC turned out amazing. So it all makes sense that VS works so incredibly well with WLC… it’s because WLC was inspired by VS.

    So I always knew that VS and WLC would work incredibly well together (when implementing the way I did over the last few weeks), but I had no idea that it would work this well. I’m telling you… not only are the prompts correct (and make sense to the end user), but the user recommendations are spot on, and we no long have to worry about zero days that are missed from all 70+ engines, and a few days (or months) later discovered to be malware.

    I could go on about this forever, simply because there are so many other benefits as well. My only regret is that I did not finalize this code sooner… although I probably could not have since WLC is so new. I am just happy it turned out as it did… it FAR exceeded my expectations. And keep in mind, this is just the first version… we will refine it over the next few months.

    In the interest of full disclosure… VT either has already disabled our API, or they are going to. Other security companies have been whining for years about how VS uses VT, even though they have MUCH better access to the data, and are much better funded.  I guess they are tired of hearing VS’s name whenever a high profile target is hit, and they try to make a sales call.  Maybe they should not have promised that their networks were protected, when they really were not.

    Anyway, I have been 100% upfront and honest about how VS uses VT… it is literally documented in our actual software, and have posted VS’s use of VT multiple times.

    I just think it is funny that they conveniently forgot about this…

    Not that it really matters. Once you see the new VS / WLC integration, you will see what I mean.