Heimdal Pro is a specialised computer -security program that adds additional layer of protections to one provided by antivirus. While signature-based approach tries to identify known malwares and behavior based approach tries to identify processes with malicious behavior, Heimdal works differently. We reviewed this program on beginning 2018 and thats what we found out.
Heimdal protects personal computer in several ways. The first one is it checks for program updates and updates some of the programs if there are newer version. This ensures that you won’t have vulnerable Java, Flash or browser version running. The list is not that large though. On my PC it checked around 7 from 50-70 programs detected in the system, however I do not run Java or Flash programs there. Some of the programs have auto-updater themselves and it might not be a significant security impact. However, if you have Java or Flash installed, you have to update them religiously as these programs are widely exploited. Program updates are included in both paid and free Heimdal versions.
Here is version of the screen that shows that PC needs updated.
Monitored Programs – its not much.
System Status after updates
This is Heimdal status after running awhile.
And this is recommended software. I completely disagree with this section: You should not install Java (including multiple different Java versions) that you do not need. And there are some other software that might not be needed in normally running PC. Having multiple browsers (even patched ones), multiple Java engines, etc might lead to risk increase rather than decrease.
Second function Heimdal performs advanced firewall functions by filtering both incoming and outgoing traffic. It will block some web usage tracking scripts like Gemius, which might be considered privacy risk, also it will block some domains it considers malicious with quite scary warnings.
The outgoing traffic scan is more interesting. In theory it should detect traffic that steals your personal information that is sent to 3rd party servers without your consent. This is quite useful function, as it might prevent credit card and personal information theft. How effective is it for real it remains to be seen.
Additionally, it will try to prevent bad functionality on your PC. It works similar to behavioral detection in my opinion although it is more focused on blocking bad behavior rather than stopping malware process (what is antivirus task).
During the test, I met several problems with Heimdal Pro. Firstly, its bad behavior detector stops internal DNS services, which I use for debugging purposes. I would not have a problem with this fact (as some of these DNS hijack are malicious), however the block was done without any message thus I had to guess the cause of the problem in my Vagrant environment. Additionally, there is no way to whitelist single service.
Additionally, I am not really happy with the website blocking too. For example, it blocks Reimage as “phishing site”. While it might be considered PUP due to bad advertising, it has legitimate uses too. The label “Phishing” is inaccurate and tries to mislead the user about serious fix rather than warn him.
This issue aside, Heimdal Pro is useful under several circumstances. Firstly, both free and paid versions are suited for non-experienced computer users that need to keep vulnerable software running on their PC. Keeping up-to-date software might reduce the risks of being infected significantly. Secondly, it might provide additional layer of protection for people without decent internet security suite.
Positive Sides of Heimdal Pro
Keeps some most vulnerable softwares updated
Good program to run along regular antivirus for additional protection
Negative Sides of Heimdal Pro
Updated program list is not that long
Protection might break some more complicated setups like virtual machines
Provides little extra compared to internet security suites