Comodo Group

Comodo Group, Inc

Type	Private company
Industry	Computer security, Internet security
Founded	1998
Headquarters	Clifton, New Jersey, United States
Key people	President & CEO: Melih Abdulhayoğlu
Employees	1,100+
Website	www.comodo.com

Comodo Group, Inc. is a privately held group of companies providing computer software and SSL digital certificates, based in Jersey City, New Jersey, in the United States. It has offices in the United Kingdom, Ukraine, Romania, China, India, Turkey and Salt Lake City, Utah.

History

The company was founded in 1998 in the United Kingdom, by Comodo CEO, Melih Abdulhayoğlu, a technologist and an entrepreneur. Comodo relocated to the United States in 2004. Comodo's product line is focused primarily on computer and internet security.^[1] The firm operates a Certificate Authority that issues SSL certificates, offers a computer security suite that includes antivirus and firewall protection and offers other web and network protection services.

Products

Comodo offers many products as freemium: They are available for download free of charge,^[2]but additional features or more feature-rich editions are available for a fee.^[3] Among Comodo's free products is the Comodo Internet Security, incorporating a personal firewall, Host-based intrusion detection system and antivirus program.^[4] Other Comodo branded freeware security tools include an anti-malware tool, and a memory firewall that protects against over 90% of buffer overflow attacks.^[5] For an additional fee, Comodo product users can subscribe to Comodo's computer cleaning and optimizing services for real-time computer assistance. Comodo also offers Comodo System Cleaner, which includes a free registry cleaner program,^[6] Comodo Unite (formerly EasyVPN), a virtual private networking (VPN) program, and Comodo SecureEmail, an email encryption program that allows S/MIME email users to send emails to any email user without exchanging keys beforehand. These products come in both a limited free version and a more functional professional release.

Active products

Comodo products^[3]

Name	Function
Comodo 2-Factor Authentication	Comodo offers Two Factor Authentication solutions for enterprises that includes One-Time Passwords, Secure Cookies, Challenge Questions and Digital Certificates. These are used in addition to the user providing a User name and password to be authenticated. In May 2012 Comodo and TeleSign announced a joint 2 factor solution that uses Comodo's Digital Certificates and Telesign's out of band phone-based authentication.[7]
Comodo Backup	Backs up files
Comodo BoClean	Detects and removes rootkits, hijackers, keyloggers, trojans. Now integrated into Comodo Firewall or Comodo Internet Security.[8]
Comodo Cloud	Comodo offers 5 GB of free cloud storage.
Comodo Dragon	Customized version of Chromium web browser with security improvements to help protect users.
Comodo IceDragon	Customized version of Firefox web browser with security improvements to help protect users.
Comodo DNDStation	Blocks any programs from interfering with a game to improve the PC gaming experience.[9]
Comodo LoginPro	Remote control Windows PCs and Servers.
Comodo Unite	A virtual private networking (VPN) program. Comodo has made Unite open source and the source code can be freely downloaded.
Comodo Endpoint Security Manager (ESM)	Comodo Endpoint Security Manager (ESM) allows users to centrally manage Comodo Internet Security (CIS) software in an organization on desktops and servers. [10]
Comodo Internet Security (CIS)	A freeware suite of antivirus, intrusion prevention system, firewall. There are branded editions of this product titled "Comodo Firewall" and "Comodo Antivirus". Pro edition is available on a monthly subscription basis. It includes 24/7 telephone and chat support.
Comodo Mobile Security (CMS)	Protect Android devices against viruses, worms and scripts. In addition, it also features SMS & Call Blocking, a software & process manager, data and apps backup and data traffic Monitor. The Anti Theft feature allows you to recover your device if it is mis-placed, lost or stolen. [11][12]
Comodo System Utilities	Comodo System Utilities combines three cleaning utilities: Registry Cleaner, Disk Cleaner, and Privacy Cleaner.[13] It includes the following programs:[14]
Comodo SecureDNS	Protects home and office Internet access and optimizes Web browsing speed
Comodo SecureEmail	Encrypts and digitally signs email.[15] Pro edition allows businesses to send encrypted or digitally signed emails with more control over their digital certificates than freeware edition.
Comodo Certificate Manager	Allows IT departments to deploy and administer digital certificates centrally and remotely.
Comodo GeekBuddy	Instant tech support service to solve PC problems. It is also bundled with subscription editions of the Comodo Internet Security Suite (CIS) and other services.
Comodo SSL	Comodo is a certificate authority, and is the second-largest issuer of business-validated certificates.[16] Comodo's certificate profile includes Organization Validation (OV) certificates, Domain Validation (DV) certificates, Extended Validation Certificate (EV SSL) certificates,[17] Multi-Domain certificates, Unified Communications certificates,[18][19] email certificates and code signing certificates. Comodo CA undergoes an annual WebTrust audit by Ernst & Young.[20]
HackerGuardian PCI Compliance	HackerGuardian provides PCI compliancy scanning. Comodo CA is an Approved Scanning Vendor that offers PCI scanning services to help merchants who take credit cards to comply with PCI DSS regulations.[21]
HackerProof	HackerProof is a daily vulnerability scanning solution. A logo is placed on third parties' websites that show if they meet Comodo's HackerProof scans.
User Trust	Comodo has offered Usertrust since early in 2008 as a customer feedback platform for online merchants. Usertrust gives merchants a clearer picture of how they can serve their customers better by offering transaction evaluation and feedback services.[22]
Web Inspector	Web Inspector provides daily vulnerability scanning, PCI compliance scanning and blacklist monnitoring for eCommerce sites.. A logo is placed on third parties' websites that show if they meet Comodo's Web Inspector scans.

Discontinued products

Name	Function
Comodo Disk Encryption[23]	Disk encryption utility
Comodo i-Vault[24]	Encrypted storage of confidential information
Comodo Memory Firewall[25]	Protected system against buffer-overflow attacks
Comodo Time Machine[26]	Saved and recovered instant system snapshots, allowing the system to return to a previous state
Comodo Verification Engine[27]	Verified legitimacy of websites

Reviews

Comodo Internet Security (CIS)

On February 7, 2013, Comodo Internet Security Complete earned the PCMag Editor’s Choice award. They gave the suite 4.5 of 5 stars and a rating of Excellent. Writing for the magazine, Neil J. Reubenking concluded “The biggest win for Comodo Internet Security Complete 2013 isn't in features, but in support. The GeekBuddy service fixes any problem, security or otherwise, using remote assistance. A Virus-Free Guarantee reimburses you for damage if malware gets past Comodo; you can also get reimbursed for expenses related to identity theft. Add a GeekBuddy-powered tuneup tool and an unusually powerful backup utility and you've got a winner.“ ^[28]

August 2012, Top Ten Reviews gave Comodo Internet Security 2012's firewall a perfect score, 9.88 of 10, higher than any other product evaluated. On the con side, they noted that Comodo is not as well known as their competitors.^[29]

August 2012 Neil Rubenking of PC Magazine gave Comodo Internet Security 2012 a rating of 4 of 5, Excellent. He wrote "Very inexpensive. Very good malware blocking. GeekBuddy remote help extremely effective at cleaning up malware, especially rootkits. Very little effect on performance."^[30]

October 11, 2012 Snapfiles.com gave Comodo Internet Security a rating of 4.5 out of 5.

August 20, c|net Magazine gave Comodo Internet Security a score of 5 out of 5, Spectacular. They stated "Now Comodo has stepped up its game and upped the level of competition with Comodo Internet Security".^[31]

Comodo Firewall

January 29, 2013, Neil Rubenking of PCMag rated the Comodo Firewall as "Excellent". He noted that with recent versions of Windows including a firewall it is important that alternative products be free and provide additional features, which are true for the Comodo Firewall. He concluced "n addition to a brand-new interface, Comodo Firewall (2013) has toned down the behavior blocking popups found in previous versions. It offers a wealth of bonus features including a hardened browser, sandboxing, and secure DNS lookup."^[32]

May 7, 2012 CNET Magazine rated Comodo Firewall "Spectacular" and gave it 5 of 5 stars. They referred to it as more capable than the firewall that comes free with recent versions of Windows.^{[citation needed]}

Comodo System Utilities

In September 2012 techsupportalert.com called Comodo System Utilities "The Best Free PC Cleanup Utility".^[33]

In August 2012, Jeffery L. Wilson of PCMag.com gave Comodo System Utilities an Excellent rating, 4 of 5 stars. He states as his "Bottom Line" conclusion "Comodo System Utilities is a free and effective system-enhancing utility that is as potent, if not more so in certain cases, as paid apps".^[34]

Comodo TrustConnect VPN

In January 2012 Bestvpnreviews.com stated "Comodo Trust Connect is a solid company with good support, but the service is the standard OpenVPN technology".^[35]

Comodo Dragon web browser

On June 17, 2010 a cNET Editor's review gave the Comodo Dragon a 5 of 5 star score and a rating of Spectacular. they concluded "Dragon is not only fast, but like Google Chrome, it is not strewn with numerous icons, leaving more room for Web viewing. For those who are extra cautious about their online security, or for those who are worried about Google's data-mining, this fast browser is a great choice. ^[36]

In a January 25, 2012 article, Infoworld listed the Comodo Dragon as one of 6 Chromium-based browsers "worth trying".^[37]

Comodo IceDragon web browser

On January 31, 2013 review Downloadcrew.com gave the Comodo IceDragon Web Browser 4.5 of 5 stars, a rating of Recommended. They concluded "A great addition to the Comodo software range, this is a instantly accessible secure browser".^[38]

Industry affiliations

Comodo is a member of the following industry organizations:

• Certificate Authority Security Council (CASC) - In February 2013, Comodo became a founding member of this industry advocacy organization dedicated to addressing industry issues and educating the public on internet security.^[39][40]

• Common Computing Security Standards Forum(CCSF) - In 2009 Comodo was a founding member of the CCSF, an industry organization that promotes industry standards that protect end users. Comodo CEO Melih Abdulhayoğlu is considered the founder of the CCSF.^[41]

• CA/Browser Forum - In 2005, Comodo was a founding member of a new consortium of Certificate Authorities and web browser vendors dedicated to promoting industry standards and baseline requirements for internet security.^[42][43]

Symantec vs. Comodo

In response to Symantec's comment over the effectiveness of free Antivirus software, on September 18, 2010, the CEO of Comodo Group Melih Abdulhayoğlu challenged Symantec to see which products can defend the consumer better against malware.^[44] Symantec, the producer of Norton AntiVirus, has responded that such direct tests are unnecessary: "Norton is included in a variety of independent, third-party tests from testing labs like AV-Test and AV Comparatives. We encourage Comodo to contact these testing labs if they are interested in having their product included in these tests."^[45]

On 29 September 2010, Neil J. Rubenking, the lead analyst for security of PC Magazine, published an article on Comodo Antivirus 5.0 that included a comparative chart.^[46][47] Rubenking concluded that Comodo Antivirus 5.0 blocked a higher percentage of malware than Norton AntiVirus, but was less effective than the Norton solution when it came to malware removal. Rubenking's review also noted that the Comodo malware blocking gave a number of false positives which he felt tarnished Comodo's results.

2011 affiliate registration security breach

On March 15, 2011, Comodo reported that a user account with an affiliate registration authority had been compromised which was used to create a new user account that issued nine certificate signing requests.^[48] Nine certificates for seven domains were issued: mail.google.com, login.live.com, www.google.com, login.yahoo.com (three certificates), login.skype.com, addons.mozilla.org, and global trustee.^[48] The attack was traced to IP address 212.95.136.18, which originates in Tehran, Iran.^[48] Though Comodo initially reported the breach was the result of a "state-driven attack", it subsequently stated that the origin of the attack may be the "result of an attacker attempting to lay a false trail."^[49][48]

Such issues have been widely reported, and has led to criticism of how certificates are issued and revoked.^{[50][51][52][53]}

All of the certificates have been revoked.^[48] Microsoft has issued a security advisory and update to address the issue.^[54][55]

On March 26, 2011, a person under the username "ComodoHacker" made several posts to Pastebin.com claiming to be an Iranian responsible for the attacks.^[56][57]

References

1. Richmond, Riva (6 April 2011). "An Attack Sheds Light on Internet Security Holes". The New York Times. Retrieved 17 March 2013. 
2. "Best Free Windows 7 / Vista 64-bit Software". Gizmo's Freeware. 2 December 2010. Retrieved 25 December 2010. 
3. Products and Solutions
4. "Proactive Security Challenge: Results and comments". matousec.com. Difinex Ltd. Retrieved 25 December 2010. 
5. "Prevent Buffer Overflow Attack with Comodo Memory Firewall". TechMixer. 26 September 2008. Retrieved 25 December 2010. 
6. Gralla, Preston (2 December 2008). "Comodo Registry Cleaner (PCWorld)". PC World Australia. IDG Communications. Retrieved 25 December 2010. 
7. http://www.darkreading.com/intrusion-prevention/comodo-and-telesign-partner-to-deliver-i/240000514
8. "Download Comodo Anti-Malware". Comodo Group, Inc. Retrieved 10 March 2012. 
9. http://download.cnet.com/DNDstation/3000-20432_4-75761014.html
10. http://download.cnet.com/Comodo-Endpoint-Security-Manager/3000-2239_4-10922053.html
11. http://alternativeto.net/software/comodo-mobile-security/
12. http://www.softepic.com/mobile/security-privacy/other/comodo-mobile-security-antivirus-free-for-android/
13. http://download.cnet.com/Comodo-System-Cleaner/3000-2094_4-10909697.html
14. "Comodo System Utilities Product Page". 
15. "Comodo SecureEmail". Comdo Group. Retrieved 8 January 2012. 
16. Tubanos, Anastasia (25 November 2008). "Comodo Second in EV SSL Market". THE WHIR. Web Host Industry Review. Retrieved 25 December 2010. 
17. Abdulhayoglu, Melih (December 2008). "Extended validation and online security: EV SSL gets the green light". (IN)SECURE Magazine (19) (Help Net Security). pp. 41 – 44. Retrieved 25 December 2010.  (Mirror)
18. Comodo Unified Communications Certificates (Yahoo.com)^{[dead link]}
19. "Unified Communications Certificate Partners for Exchange Server and for Communications Server (Revision 5.2)". Microsoft Support. Microsoft Corporation. 15 April 2008. Retrieved 25 December 2010. 
20. Walker, Bryan (5 December 2006). "Introduction to WebTrust for Certification Authorities – WebTrust for Extended Validation Audit Criteria" (PDF). New Assurance Services Group. Retrieved 25 December 2010. 
21. "Comodo Improves HackerGuardian PCI Scanning Tool". 1888 Press Release Software News. Newark, New Jersey: 1888 Press Release. 16 October 2008. Retrieved 25 December 2010. 
22. Justin, Lee (20 February 2008). "Comodo Launches UserTrust Program". THE WHIR. Web Host Industry Review. Retrieved 25 December 2010. 
23. "Comodo Disk Encryption". Softpedia. SoftNews SRL. Retrieved 8 January 2012. 
24. "Comodo i-Vault". Softpedia. SoftNews SRL. Retrieved 8 January 2012. 
25. "Comodo Memory Firewall". PC Magazine (Ziff Davis). Retrieved 8 January 2012. 
26. "Comodo Time Machine". Softpedia. SoftNews SRL. Retrieved 8 January 2012. 
27. "VEngine.com". Comodo Group. Retrieved 8 January 2012. "Comodo regrets to announce that the VerificationEngine software has been discontinued." 
28. http://www.pcmag.com/article2/0,2817,2415202,00.asp
29. http://personal-firewall-software-review.toptenreviews.com/comodo-internet-security-pro-review.html
30. http://www.pcmag.com/article2/0,2817,2399585,00.asp
31. http://download.cnet.com/Comodo-Internet-Security/3000-2239_4-10460704.html
32. http://www.pcmag.com/article2/0,2817,2414835,00.asp
33. "Best Free PC Tune UP Utility". 
34. "Comodo System Utilities Review". 
35. http://bestvpnreviews.com/vpn-reviews/comodo-trustconnect-vpn-review
36. http://download.cnet.com/Comodo-Dragon/3000-2356_4-75119680.html
37. http://www.infoworld.com/d/applications/google-chrome-remixes-worth-trying-out-184923?page=0,2
38. http://www.downloadcrew.com/article/27926-comodo_icedragon
39. http://www.networkworld.com/news/2013/021413-council-digital-certificate-266728.html
40. http://www.darkreading.com/authentication/167901072/security/news/240148546/major-certificate-authorities-unite-in-the-name-of-ssl-security.html
41. http://www.securitypark.co.uk/
42. "CA/Browser Forum". Retrieved 2013-04-23. 
43. Wilson, Wilson. "CA/Browser Forum History". DigiCert. Retrieved 2013-04-23. 
44. Abdulhayoğlu, Melih (18 September 2010). "Challenge to Symantec from Comodo CEO!". Comodo Group. Retrieved 22 September 2010. 
45. Rubenking, Neil J. (22 September 2010). "Comodo Challenges Symantec to Antivirus Showdown". PC Magazine (Ziff Davis, Inc.). Retrieved 22 September 2010. 
46. Rubenking, Neil J. (29 September 2010). "Comodo Antivirus 5.0". PC Magazine (Ziff Davis, Inc.). Retrieved 29 September 2010. 
47. "Comodo Antivirus 5.0 malware blocking chart". PC Magazine (Ziff Davis, Inc.). 29 September 2010. Retrieved 29 September 2010. 
48. "Report of incident on 15-MAR-2011". Comodo group. Retrieved 2011-03-24. 
49. Hallam-Baker, Phillip (March 23, 2011). "The Recent RA Compromise". Comodo Blog. Retrieved 2011-03-24. 
50. Eckersley, Peter (March 23, 2011). "Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get?". EFF. Retrieved 2011-03-24. 
51. "Iran accused in 'dire' net security attack" (BBC). BBC News. March 24, 2011. Retrieved 2011-03-24. 
52. "Detecting Certificate Authority compromises and web browser collusion". TOR. March 22, 2011. Retrieved 2011-03-24. 
53. "Google, Yahoo, Skype targeted in attack linked to Iran". CNET. March 23, 2011. Retrieved 2011-03-24. 
54. "Microsoft Security Advisory (2524375)" (Microsoft). March 23, 2011. Retrieved 2011-03-24. 
55. "Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing". Microsoft. March 23, 2011. Retrieved 2011-03-24. 
56. Bright, Peter (March 28, 2011). "Independent Iranian Hacker Claims Responsibility for Comodo Hack" (WIRED). Wired. Retrieved 2011-03-29. 
57. "ComodoHacker's Pastebin". 

External links

• Official website