Best Free Intrusion Prevention and Detection Utility for Home Use (HIPS)

toggle-button

Introduction

Gone are the days when a virus was a virus and everything else was, well, different! Now known collectively as "Malware" these threats are constantly evolving and pose a serious challenge to security software. Signature based scanners give the most reliable detection results but these are limited by the frequency of their database updates. To compliment signature recognition software, HIPS programs were developed which look for behavior on your PC which is "characteristic of malware activity". The user is then presented with an alert to either allow or block the event. Some programs automate this process which can occasionally lead to problems. See my article HIPS Explained which deals with this and other issues in more detail.

Evaluating the performance of HIPS programs is far from easy and any so called "test results" should be viewed with a degree of caution. It is straightforward enough to feed malware files to a selection of signature scanners and then count what they find to arrive at a score. AV Comparatives provides an admirable service here and the results are always consistent and reliable. There is no such definition line possible for testing HIPS software and my feeling is that some of the vendors may possibly use this to their own advantage ("hype").

Review Criteria

My objective in reviewing this software is to help users make an informed choice about the suitability of the products for their own requirements. In addition to information obtained from the various producers, I have used two methods to collect the necessary data and tried to present my analysis in a factual and entertaining manner. Part of my review is based on personal usage of the software concerned and I will be updating information about my component set-up on this page. I have also used third party data collected from sources I know to be reliable such as other forums where I have known some of the posters for several years. In reality no one can ever duplicate the system you use and the software reviewed may react quite differently between one PC and another. Ultimately, the best way to judge the suitability of these programs for yourself is to try them.

 

Rated Products

Malware Defender  

An excellent HIPS program with network protection for advanced users

Our Rating: 
4
License: Free (Limited features)
Comprehensive protection including network monitoring.
Complicated to understand for average users - home page in Chinese.
Read full review...

WinPatrol  

Take a snapshot of your system settings and alert you to any changes

Our Rating: 
4
License: Free (Limited features)
Comprehensive protection; deals with the problems it finds; a pioneer of heuristic based detection technology. Acquired in July 2014 by the former lead developer of Sunbelt & Viper software with the current status of the product guaranteed.
Alerts can be confusing to the non technical and distracting when they arrive during an install process.
Read full review...

MJ Registry Watcher  

A simple registry, file and directory poller to safeguard computer system

Our Rating: 
3
License: Free
Light resource use; excellent default rules with choice of security levels.
Only really suitable for experienced users.
Read full review...

Related Products and Links

You might want to check out these articles too:

 

Editor

This software review is copy-edited by Glyn Burgess. Please help edit and improve this article by clicking here.

Back to the top of the article

 

Please rate this article: 

Your rating: None
4.089745
Average: 4.1 (78 votes)

Comments

Any other standalone HIPS that can be recommended since the original date this article was printed? Also, how is the HIPS feature rated in Private firewall?

The value of HIPS as a standalone program has degraded over time. At one point there were many to choose from including what was IMO the best, EQSecure. Online Armor started life as a HIPS before a firewall was added and the Privatefirewall HIPS component, DSA, (Dynamic Security Agent) was also available as a separate program. Now most HIPS are integrated into a firewall and highly automated in an attempt to prevent users from making a wrong decision and crippling their system. ZoneAlarm Free firewall is a good example of a lightweight integrated HIPS that does "enough" but without being too intrusive. http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firew... Many antivirus programs now also include similar components to protect against unauthorized registry changes for instance. The HIPS component in Privatefirewall was always highly regarded. Users should however take some time to research the benefits of these components properly and not be swayed by "test" sites such as Matousec that claim one product offers more "protection" than another. To get a true value of firewall protection performance, this is a much better and far more accurate resource. http://www.av-comparatives.org/firewall-test-march-2014/ Note how highly the built in Microsoft firewall performs. :) In terms of new standalone HIPS, I've not seen anything else to warrant inclusion here. In general terms my advice would be to use Windows firewall together with an antivirus with strong web filtering capabilities such as Panda or Forticlient. http://www.cloudantivirus.com/en/ http://www.softpedia.com/get/Security/Security-Related/FortiClient.shtml WinPatrol free will add an extra layer against the type of system altering code associated with toolbars and browser hijacks without users needing to resort to a full blown HIPS. http://www.winpatrol.com/download.html Otherwise, following safe surfing practices will reduce your exposure risk to a minimum anyway. MC - Site Manager. http://www.techsupportalert.com/content/safe-computing-under-hour.htm http://www.techsupportalert.com/content/what-else-have-you-just-download...

This may be old news to some here, but it was news to me today.
WinPatrol has apparently been sold to Ruiware.
According to the WinPatrol site, nothing will change and the new owner says he plans to continue as before.

I was aware Mr. Pytlovany has had some personal issues, I thank him for everything and wish him the best....

SkuterB

Alliances and takeovers happen all the time in this industry and we as consumers are mostly unaware of them. Bill has always been upfront with his development objectives however and Bret Lowry appears to be in the same mould. You can read the product statement here. MC - Site Manager. http://billpstudios.blogspot.com.br/2014/06/winpatrol-generation-ii.html

About MJ Registry Watcher:

How can you write "Installation is not required, simply run the program from whichever directory you un-zip it to." and then "There is no portable version of this product available."?

Thank you for pointing this out. The wrong box was ticked when it was entered into our products database. MC - Site Manager.