Computers can come in different forms such as a personal computer, tablet, or phone. All of these devices work similarly and need their own protection. The most common way to protect these systems is by using certain types of software.
A virtual machine creates an actual virtual computer within the operating system of your system. This will block all threats from the host system and the threats will only affect the virtual system. This is a methodology called sandboxing.
VMWare Workstation can run applications on a breadth of operating systems including Linux, Windows and more at the same time on the same PC without rebooting. VMware Workstation makes it really easy to evaluate new operating systems like Windows 10, test software applications and patches, and reference architectures in an isolated and safe environment. This is similar to the sandboxing concept but is an entire “virtual” machine instead.
Emet-Microsoft’s Enhanced Mitigation Experience Toolkit is a freeware security toolkit for Microsoft Windows. It provides a unified interface to enable and fine-tune Windows security features. It can be used as an extra layer of defense against malware attacks, after the firewall and before antivirus software. An application can run within EMET and then EMET can then be run inside another sandbox such as Sandboxie. https://technet.microsoft.com/en-us/security/jj653751
Sandboxie-creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. http://www.sandboxie.com/
Anti-virus software is the program that scans the file system looking for virus’s that have infected your machine.
ESET Smart Security scans, detects, quarantines or removes malicious code. You can configure this application to actively scan and to also progressively (constantly) scan your device. The progressive scan option has low resource intensive operations and does not impact daily machine use.
MalwareBytes is a freeware anti-virus but also has a paid version. Uses very low resources and is recommended as a secondary anti-virus program to supplement your main anti-virus program.
A firewall is what regulates all connections in and out of your machine. It blocks or allows connections based on rules that are set up by the user. Many anti-virus suites come with a firewall.
VeraCrypt- can encrypt single or multiple folders, files, directories, volumes, or any other storage media. This is considered folder encryption and is also an endpoint encryption meaning the entire storage drive is encrypted. A password or token can be used as the authentication method before any folders or files are opened or viewed. Also, A password or token can be used as the authentication method before the OS on the device is loaded into RAM. VeraCrypt can also “hide” encrypted folders and files. https://veracrypt.codeplex.com/
CIS Configuration Assessment Tool (CIS-CAT)—A Java-based benchmark tool that compares the configuration of target systems to CIS Benchmarks and reports conformance scores on a scale of 0-100. This tool has many different security benchmarks for many different operating systems and versions. CIS-CAT provides an intense scan of all vulnerabilities, settings, addons, software, hardware, and descriptively lists everything that is scanned. It then explains what each component is and if said component failed the scan then it gives a step by step walkthrough on how to change that component of the device.
Privoxy is a non-caching web proxy with filtering capabilities for enhancing privacy, manipulating cookies and modifying web page data and HTTP headers before the page is rendered by the browser. Privoxy is a “privacy enhancing proxy”, filtering Web pages and removing advertisements.