Discussion thread for reorganization of "Probably the Best Free Security List"

[MrBrian]

I've been working on reorganizing http://www.techsupportalert.com/cont...list-world.htm. The new list won't be publicly available until it's finished.

So far I've looked at current sections 2, 3, 4, 5, 7, 8 (partially), and 10. I welcome thoughts on how you'd like the items in those sections organized into categories, subcategories, and maybe even sub-subcategories. One thing to note is that not all intrusions involve malware. If you have any ideas about the categorization of the items in the other sections, that's fine too.

Some of the list authors favor listing a given item only once in the list, while some other list authors favor listing a given item in every applicable category, or at least the most applicable categories. Do you have an opinion on this?

I also welcome any other thoughts on what you'd like changed from the current list. I am/will be checking every existing list link and taking appropriate action when a problem is noticed.

[Remah]

Thanks for the opportunity to give feedback.

If the idea of the list is to provide people with relevant options then an item should appear in all applicable categories. But I would probably prefer that items should only go into categories that the editors would recommend it for. That is where us editors add value.

I'll have a look at the list this weekend.

[MidnightCowboy]

Quote:

Originally Posted by MrBrian

Some of the list authors favor listing a given item only once in the list, while some other list authors favor listing a given item in every applicable category, or at least the most applicable categories. Do you have an opinion on this?

I think it is a good idea to duplicate entries so long as these are restricted to the most applicable categories. We often see queries for programs "not listed" that are already there. Presumably this is because the reader did not see it for the category they were checking, it being listed somewhere else. We also have some duplication between main site reviews, so this is not new.

For extra clarification, it might also be an idea to include a piece in the introduction somewhere stating some items are duplicated where the programs/services are a useful tool for more than one category.

[MidnightCowboy]

Quote:

Originally Posted by MrBrian

I've been working on reorganizing http://www.techsupportalert.com/cont...list-world.htm. The new list won't be publicly available until it's finished.

Would just like to add a massive thank you for all the effort you have put into this so far.

I'm sure the majority reading the list can't begin to imagine the work it took to arrive in front of them, and the reorganisation will go largely unnoticed, the majority being new visitors.

[MrBrian]

@MidnightCowboy and Remah: You're welcome, and thank you for the feedback .

[MrBrian]

There's another discussion thread on this same topic at http://www.wilderssecurity.com/threa...-world.367392/.

[MrBrian]

The top-level categorizations that I'm currently using (for the sections I've looked at) are:

Introduction
Key Legend
New Items in This List
Anti-Malware Software - Real-Time - Signature-Based
Anti-Malware Software - Real-Time - Other Technologies
Anti-Malware Software - On-Demand - Target=System - Signature-Based - All Types of Malware
Anti-Malware Software - On-Demand - Target=System - Signature-Based - Only Certain Types of Malware
Anti-Malware Software - On-Demand - Target=System - Other Technologies
Anti-Malware Software - On-Demand - Target=Single File - Signature-Based
Anti-Malware Software - On-Demand - Target=Single File - Other Technologies
Anti-Malware Resources
Virtualization

Known problems with this:
1. Not every threat is about malware. So what should I change "Anti-Malware Software" to? "Host-Based Intrusion Detection/Prevention"? "Threat Protection"? "System Protection"? "Endpoint Security"?

I'm thinking of changing "Anti-Malware Software - On-Demand - Target=System - Signature-Based - All Types of Malware" to "Anti-Malware Software - On-Demand - Target=System - Signature-Based - Most Types of Malware" and "Anti-Malware Software - On-Demand - Target=System - Signature-Based - Only Certain Types of Malware" to "Anti-Malware Software - On-Demand - Target=System - Signature-Based - Few Types of Malware."

Any feedback is welcome.

[MrBrian]

Idea: For real-time software, there could be these categories:

Real-Time Protection - Antivirus and Anti-Malware
Real-Time Protection - Host-Based Intrusion Detection/Prevention

"Real-Time Protection - Antivirus and Anti-Malware" would include only software that uses signatures, while "Real-Time Protection - Host-Based Intrusion Detection/Prevention" would contain software that uses techniques other than signatures. Do you think this is better or worse than post #7?

There would also be other categories, such as "Real-Time Protection - Firewalls."

[MrBrian]

1. Do you agree or not with categorizing by real-time vs on-demand?

2. If I were to use this categorization for realtime security software:

Real-Time Software - Antivirus and Anti-Malware
Real-Time Software - Host-Based Intrusion Detection/Prevention
Real-Time Software - Firewalls

should "Real-Time Software - Antivirus and Anti-Malware" contain only signature-based programs?

3. Should partition/disk virtualization programs such as Returnil go into "Real-Time Protection - Host-Based Intrusion Detection/Prevention" or a separate "Virtualization" category?

4. Better: "Real-Time Software - Host-Based Intrusion Detection/Prevention" or "Real-Time Software - Other Real-Time Software"?

[MrBrian]

How about this?

Anti-Intrusion - Real-Time - Non-Network - Signature-Based (Includes Signature-Based Antivirus)
Anti-Intrusion - Real-Time - Non-Network - Non-Signature-Based
Anti-Intrusion - Real-Time - Network (Includes Firewalls)
Anti-Intrusion - On Demand - Non-Network - Signature-Based
Anti-Intrusion - On Demand - Non-Network - Non-Signature-Based
Anti-Intrusion - On Demand - Network

Issue: how to define "real-time" vs "on-demand?" One possible way: real-time means that while the given software is running, the detection/protection provided is immediate. According to this definition, WinPatrol Plus, Sandboxie, and VirtualBox are real-time, while WinPatrol Free and TCPView aren't real-time. Agree with this definition or not?