You do not want yet another "detection" tool to tell you it's already too late and you are infected. This costs you time and money and resources to manage it.
Detection can by its very nature is not Proactive security. It is simply a reactive alert.
A malware could exist mainly in 2 areas
1. Hard Drive
2. RAM
A malware could enter mainly via
- Internet connection
- Local Network
- Wireless network
- USB
As stated above it could only exist/live in the hard drive or RAM in the system. A malware is merely a collection of instructions designed to do malicious activity. Malware must get "CPU" cycles to execute its malicious deeds. If the instruction does not go to CPU to be executed, there is no damage. The CPU is the oxygen that malware needs live.
So a malware lying dormant on your hard disk with no CPU time can cause no damage other than taking up Hard disk space.
Comodo has designed a security posture to starve the malware of this CPU oxygen! In our container, we never allow malicious activities or unknown activities to reside in the hard disk next to other good stuff you have or give these files unrestricted access to CPU.
Legacy antivirus products have no notion of containment or ability to understand a file is an "unknown" file and treat it differently. These legacy AV products routinely allow an unknown file to go to CPU and execute with full privilege to do whatever that unknown file wants to do. This is a "no no" in our security architecture and this kind of "default allow" techniques are sure way to get infected.
By containing and controlling the file's access both to CPU and Hard Disk, we limit its capability to do damage. This containment solution is the way to prevent infections from "ANY" malware, especially zero day malware and unknown files who then turn out to be malicious.
Of course this containment must take place in run time, automatically and must be done for unknown files.