Heimdal PRO review

Discussion in 'Reviews and Tests' started by RGiskardR, Dec 20, 2016.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

    Hello colleagues from TweakBytes!!

    I would like to present the review of this so interesting security product: HEIMDAL PRO!!!!!!

    I hope You enjoy with its features and Their conception of security!!

    There We go!!


    Links to Heimdal PRO Resources, Guides and FAQ.

    General info of the product and links to resources at Heimdal PRO Website. System Requirements:

    You can install Heimdal FREE or Heimdal PRO on computers running the following operating systems:
    • Windows 7 (32 and 64 bit)
    • Windows 8 (32 and 64 bit)
    • Windows 8.1 (32 and 64 bit)
    • Windows 10 (32 and 64 bit)
    • Windows Server 2008 R2
    • Windows Server 2012/2012 R2
    Heimdal has the following system requirements:
    • Microsoft .NET Framework 4.6.1
    • Takes 100 MB disk space
    • Takes 250 MB RAM
    • Takes 3% of CPU usage
    • Local administrator or domain administrator (if in domain) rights during installations
    • User rights during execution
    • Internet access
    *If .NET Framework 4.6.1 is not already installed, Heimdal will automatically download and install it. This does not apply to the MSI based installation.

    Product Guides: https://support.heimdalsecurity.com/hc/en-us/categories/200818649-Product-Guides
    Heimdal Technology at a Glance: https://heimdalsecurity.com/en/whyheimdal
    How does Heimdal Pro works: https://support.heimdalsecurity.com/hc/en-us/sections/201687605-How-does-Heimdal-work-
    Heimdal FAQ: https://support.heimdalsecurity.com/hc/en-us/categories/200843235-FAQ
    Heimddal Products: https://heimdalsecurity.com/en/products
    Buy Heimdal Pro: https://heimdalsecurity.com/en/buy/register
    Heimdal HowTo: https://support.heimdalsecurity.com/hc/en-us/sections/201632359-Heimdal-PRO
    Heimdal Support: https://heimdalsecurity.com/en/support

    Installation and 2 steps Wizard Configuration.

    Installation was fast, easy and plain. We have to choose language of the product, type our license code and email address:

    The product offers an easy wizard to configure main security settings and notifications in 2 steps:

    2 Steps Wizard.gif

    In first one We can setup the silent security updates, We have 2 options:
    • AutoPilot: recommended for highest level of online safety. Software already installed will be detected, monitored and auto updated if necessary.It is recommended for highest level of online safety.
    • Custom: We can decide what software want to Monitor or to Monitor and AutoUpdate.
    In second one We can configure the notifications from the different security modules, new updates and the status of the application. Each notification has two help buttons:

    Small Butons.png
    • Pressing the blue small button, We will see a description of the notification. This button is in every configuration setting of Heimdal Pro.
    • Pressing the small green eye button, We will see how the notification will be shown in our screen.
    After you finish with this settings, press the [Got It] button and the customization is over.


    Next, We will make a small trip through the different options of the main GUI and screens of the product:


    This is the main product GUI (graphic user interface) window and here We get the status of the system, when were the last scan and updates performed, as well as how many applications have been patched, malware cleaned, malicious websites blocked, days left of Your subscription/license and version product.

    There are 3 colours depending on the overall status of the system:

    • Green (Your computer is healthy): your system is safe.
    • Yellow (Your computer must be updated): Heimdal Pro has detected some outdated applications and is currently patching them.
    • Red (Your computer is at risk!): credentials have been compromised.
    We can click over the hexagonal button with a tick and a new Scan of the system will start with an animation:


    Information of Software Patches, Malware Cleaned and Websites Blocked are shown and constantly rotating every 2 seconds approximately :

    O2.png O3.png

    Traffic Scanning.

    If We disable “Traffic Scanning” the others 3 settings below will be disabled. On the other hand if “Traffic Filtering” is disabled then “Automatically disable Traffic Filtering” feature will be also disabled.

    The setting “Automatically disable Traffic Filtering” allows disconnect Traffic Filtering module automatically when Heimdal Pro can’t connect to the cloud servers from our location (Traffic Filtering won’t work properly). This situation may disconnect the system from Internet. To avoid this, you can choose to automatically disable “Traffic Filtering” and Heimdal will re-enable the feature when it can reconnect to the cloud servers.

    With “Proxy” button, a proxy can be set to create an additional protection layer for the system.

    On the right side We also see the count of last scans and blocks in the last 7 days.

    Traffic Scanning.gif

    Malware Engine.

    In this section We can turn on/off this module as well as check on the right side the count of scan and cleans in the last 7 days.


    I contacted to Heimdal Support to ask some doubts and more detailed information about its working, and I want to thank Adrian Manolache who friendly clarify and answered my questions.

    So, to better understand how Heimdal “Malware Engine” works, here are some of his words:

    Heimdal is not an antivirus and its focus is not reactive protection. As a result, Heimdal PRO cannot be compared to a fully-fledged antivirus, because it focuses on proactive protection. Heimdal is a supplement to antivirus and We always recommend Internet users to adopt a multi-layered approach to cyber security as no single solution can block all threats.

    • This means that Heimdal focuses on blocking attacks by blocking the connection between malicious websites, servers and C&Cs and the targeted devices, based on incoming and outgoing Internet traffic. This is what you saw in the Websites Blocked section in Activity Reports.
    • What’s more, this also means that Heimdal cannot block ransomware types that use encryption keys generated locally or offline. Cerber has such variants, which is why Heimdal PRO couldn’t block it.
    • In Heimdal PRO, the malware engine uses a limited number of antivirus definitions, which we use to perform a quick scan. Again, I have to emphasize that Heimdal PRO is not an antivirus and should not be treated as such”.
    Patching System.

    Heimdal monitors and automatically updates a wide variety of applications.

    The new updates are downloaded directly from the official servers and Heimdal automatically installs them. A running application will never closed or automatically reboot the PC after the updates have been installed, also will never ask permission or User Account Control (UAC) notification, even if the UAC is enabled.

    In this tab We can choose to turn off this module, but is not recommended because will decrease our system protection

    There are 2 sections/features in this module:
    • Software Patching: monitors and updates applications already installed in our system and are found in the list of the engine. There are 5 columns which give us information such as: Software Name, Version, Status, Monitor and AutoUpdate of every installed and monitored program in our system.
    A green tick Green Tick.png in Status column means this application is up to date, a red ! exclamation mark the application couldn’t be patched and a line of 3 orange dynamic dots ... the application is being updated.​

    In the Monitor column, a tick in the check button means Heimdal will start monitoring that application. Once a new version of that application appears, you will be notified to update (only notify but not update).

    A tick on AutoUpdate column will automatically update the application checked to the new version when available.

    If We don’t want to patch automatically some applications of the list can just disable unticking them.​

    Patching System 1.gif

    • Recommended Software: offers us a list of applications to be installed directly from Heimdal. Once a new program of that list is installed, it will be automatically added to the Software Patching list where it will be monitored and auto-updated.

    Patching System 2.gif
    On the right side, We can check the number of applications monitored and updates (patches) have been applied in the last 7 days.

    Activity Reports.

    This window give us the general statistics and reports of the security status of our system:
    • General tab: shows reports of “Traffic Filter”, “Malware Engine” and “Patching System” modules scans, blocks and patched applications in the last 7 days, also the number of monitored applications.
    • RSS Feed tab: get security warnings directly from the Heimdal Security blog, to keep safe your system.
    • Software Patches tab: shows which updates have been installed, for which application, which version and on which date.
    • Infections Detected tab: shows infections have been found and blocked. You can see when these infections were detected, the malware name and their status.
    • Websites blocked tab: shows a list of infected or potentially dangerous websites blocked and the date They were blocked.

    Activity Reports.gif

    Settings Tab.

    To access Heimdal Settings there is a gearwheel button at the top right conner of the Heimdal GUI (graphical user interface).

    Inside Settings Tab We can change the behaviour of some Heimdal features:
    • Turn the Malware Scanning module on/off.
    • Set the interval of how often Heimdal will perform a malware scan. Minimum interval is 60 minutes. Increasing interval will low your security against cyber threats. Default settings are recommended.
    • Turn the Traffic Scanning module on/off.
    • Automatically disable Traffic Filtering: if our system has not access to a network, after 5 minutes Traffic Filtering protection module will be disabled.
    • Proxy settings: will add an additional protection layer.
    • Turn the Patching System module on/off.
    • Set the interval of how often Heimdal will scan for updates of monitored applications. Minimum interval is 120 minutes. Increasing interval will low your security against cyber threats. Default settings are recommended.
    • Balloon Notifications: Turn on/off balloons notifications. Notification intervals can be set.
    • Security News Alerts Notifications: receive notifications from the Heimdal Security blog. Keep up to date getting news about latest online threats.
    • Language: change the language application.
    • Choose to update to beta: give us the option to try beta versions of Heimdal and their improvements. Keeping turned off this setting We always have the latest stable version.
    Settings Tab.gif

    Notification Center.

    In this section We setup whether to receive or not notifications (turn on/off) from the different protection modules, when malicious site is blocked, for every weekly activity report or when a new security news alert is published in Heinmdal Blog or when a new monitored application update is ready or it’s being installed. Also We can test how They will be shown, clicking over the small green eye in every setting.

    Notification Center.gif


    Here We can:
    • Check the details of our active license.
    • Type a new license code if We bought a renewal with different email address.
    • On the right side: check product type (Free or Pro) and when the current license will expire.



    In this section We get 3 helpful links of Heimdal resources:



    Read some interesting details about Heimdal beginnings and their aims in protection technology, also a direct link to About page in official website.


    Testing System Settings and hardware specs.

    Here You are some info about the system I’ve used to install and test HeimDal Pro:

    Host System: Windows 10 Pro x64 RS1/AU. AMD Athlon II X3 450 @ 3,20Ghz + 8GB RAM DDR3 + 2 x Western Digital Blue SATA3 500GB in RAID 1).

    Guest System: virtual machine with Windows 10 Pro x64 RS1/AU running over VMWare 12.5.2 (3GB of RAM assigned). Windows Defender disabled via gpedit.msc policy.

    Some applications and tools installed inside virtual machine: Mozilla FireFox, Google Chrome, FoxIt Reader, Java Update 8, Microsoft Office Pro Plus 2016, Restore Point Creator, CCleaner, WinRAR, Sysinternals Suite.

    Heimdal PRO Resource Consumption.

    I took some screen-shots to show You how does performs Heimdal Pro in my virtual machine, as You can see, in general terms is quite light, and does not eat so much resources so this is a good point to have it as a companion and complement of our main security product ;)

    But I’ve noticed that Heimdal Pro every 4 seconds approximately has a small CPU peak of about 7%~9%, You can see in one of the screen-shots below.

    RS1.png RS2.png RS3.png RS4.png RS5.png

    Final Worlds.

    As We can read in Heimdal Pro documentation, and I was answered and remarked from their Support team also, this is not a traditional security product and is not designed to be the main layer of protection in a system but most a complement and proactive security solution specialised in protection from financial and data stealing malware, while doing banking operations and keep you safe from Zero Hour malware and security exploits frequently employed by IT criminals.

    That being said, I have been testing the product with some different malware and malicious links packsfrom around 1 month ago, and the results were not as I expected. I was not able to get any warning/detection/blocking from “Malware Engine” module, which only maintains a limited number of anti-virus definitions used to perform quick scans, so I would like to see here, at least! a better protection against ransomware and other families of malware, for instance, adding or improving signatures/detection via Cloud, and also a better and increased database of malicious/phishing URLs, I’m sure this would improve a lot the effectiveness of the product. On the other hand probably my infrastructure to test specific and advanced financial/0-day threats or Exploits is not the appropriate one.

    Another feature I would like to see improved in the product is the information about “Activity Reports”, adding also the specific time of blocked threats/attacks and showing more detailed data about detected/blocked objects/sites.

    A strong point of the product for sure is the “Patching System”! I was very pleased with its working, even the own application patched itself to a newer version, You can check it in my screen-shots I installed version 2.2.9 and last ones shows 2.2.12, which was great! Very good idea is the “Recommended Software” feature which lets us install well-known and widely used applications in our systems, also hope the number of monitored and recommended applications will be increased in future versions.

    To finish this review I would like to say that Heimdal PRO has potential, and may be a great proactive security complement to any traditional security suite application out there in home or corporate environments.


    I would like to thank @jasonX , @BC2Tweak and @Trim, and all my friends here in this forum for their support and for convince me to do this review :glad::cool:

    And of course to Heimdal Security for their Support and Assistance!!

    Well guys, see You soon... in the next review!!
    daljeet, Gabbs, artoor and 11 others like this.
  2. Google Adsense

  3. wwd

    wwd Illustrator Silver Member

    Good job :cool: Thanks :)
    Gabbs, revC0de, LowcyGier and 3 others like this.
  4. Der.Reisende

    Der.Reisende Malware Tester Silver Member

    Very very nice review, in-depth, greatly arranged with those pictures give some relief to that huge amount of interesting findings you've achieved .
    I've not yet tried the product, only heard of it, so a detailed review like this comes in handy :)
    Thank you for sharing, looking forward to more reviews @RGiskardR :)
    Gabbs, revC0de, LowcyGier and 5 others like this.
  5. jasonX

    jasonX Giveaways Moderator Staff Member



    welcome to the reviewers club! I like the way you presented it especially sharing information about the issue you have encountered with its malware engine. One thing to keep in mind there and readers and also those interested to own a license or purchase Heimdal in the future. Reviews here at TBt are unbiased and realistic (that coming from devs) so I am proud of this review :) Thanks man for all your efforts!
    Gabbs, revC0de, Trim and 6 others like this.
  6. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

    Indeed... :)
  7. silversurfer

    silversurfer Malware Tester Silver Member

    The quality of product reviews are exceptional high in this forum. Many thanks for the great work of members :clap:
    revC0de, Trim, LowcyGier and 4 others like this.
  8. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    it is very good myself using it for a while and I was very happy with it.
    very good description of this program good job.:cool:
  9. RGiskardR

    RGiskardR Malware Tester Silver Member

    Guys, yesterday (22/12/2016) I tested Heimdal PRO against the 30 URLs presented to the competition "MTAC Poison Box Day 2016", and the results were quite interesting :glad:

    Heimdal PRO scored 22/30!!!!!! since about 5 or 6 URLs were already down/not found at that time, that is a very impressive score!! :cool::clap:

    Here You are the screen-shots of detections:
    1.png 2.png 3.png 4.png
    5.png 6.png 7.png 8.png
    9.png 10.png 11.png 12.png
    13.png 14.png 15.png 16.png
    17.png 18.png 19.png 20.png
    21.png 22.png
    revC0de, Trim, wwd and 3 others like this.
  10. LowcyGier

    LowcyGier Senior Member Silver Member

    RGiskardR - A great pleasure for me was reading your review of Heimdal PRO. Please more of these entries. Well, it is worthy of an alternative to competing antivirus solutions.
  11. guardian

    guardian Administrator Staff Member

    there's NO reviewer like our BC2Tweak
    his input and output is exhilarating to read..

    but here is another example of an AWESOME reviewer.. great read thanks RGiskardR.. a most magnificent Software Review :shake: :clap:

    silversurfer, revC0de, Trim and 4 others like this.
  12. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

    If I were a soft dev...I'd certainly be unbelievably pleased and happy with this Review. We are continuing to produce results that go above and beyond anyone else. That is a very high compliment to the care and expertise of all our good folks here. Keep up the good work, and always strive to be better, the next time you do a Review. We can always improve. :)

    Again, @RGiskardR, you've made me proud and really giddily happy!! :)

    Thanks for your hard work!! :D

    Oh yes, just a hint....don't ever rush through your Reviews. Take the time to do the best job possible!! :)
    silversurfer, revC0de, Trim and 5 others like this.
  13. RGiskardR

    RGiskardR Malware Tester Silver Member

    @BC2Tweak: thanks for Your kindly words and suggestions! I'll take them into account! :glad:
    silversurfer, revC0de, wwd and 4 others like this.
  14. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

  15. jasonX

    jasonX Giveaways Moderator Staff Member

  16. revC0de

    revC0de MTAC Moderator Staff Member

    AWESOME review!! Very well explained and detailed!! Thank you for your hard work!
    Gabbs, wwd, Trim and 4 others like this.
  17. RGiskardR

    RGiskardR Malware Tester Silver Member

    Gabbs, Trim, LowcyGier and 4 others like this.
  18. Der.Reisende

    Der.Reisende Malware Tester Silver Member

    Noticed, good job, keep it up :)
    Gabbs, wwd, Trim and 3 others like this.
  19. Akshay Kumar

    Akshay Kumar Guest

    Thanks for the wonderful review ! The review is in detailed and very well explained the Heimdal PRO's potential to be a great proactive security complement to any traditional security suite application. It would really help a new person to understand the great product
    wwd, revC0de, LowcyGier and 2 others like this.
  20. Raul90

    Raul90 Valued TBT Member Known Member

    Nice testing angle used there! It's always nice to see reviewers checking out software applications and using the "versus" approach/methodology! That sheds a whole new light to any analysis! Keep it up!
    Gabbs, wwd, revC0de and 3 others like this.
  21. RGiskardR

    RGiskardR Malware Tester Silver Member

    Thanks for Your words! really appreciate them! :)
    LowcyGier, wwd, Trim and 1 other person like this.
  22. jasonX

    jasonX Giveaways Moderator Staff Member

    That's the beauty of having a section like the MTAC forum guys, they have the capability to do adapt testing methodologies that are different from the rest of those doing reviews thus making it more interesting and realistic.
    Gabbs, wwd, BC2Tweak and 4 others like this.
  23. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

    Yep. Very nice work, everyone!! :)

    It's great to have a Review that will cover pretty much all ground!! :D :thanx::win::clap:
    Gabbs, wwd, LowcyGier and 1 other person like this.
  24. artoor

    artoor Moderator Staff Member

    As always, very thorough review! Our TbT team consists of the best reviewer ever! :) Thank you for your hard work, RGiskardR!
    Gabbs, LowcyGier, wwd and 1 other person like this.
  25. hakah

    hakah Junior Member

    Very in-depth and detailed review. Nice Job!
    Now I have a better understanding to this useful application.
    Gabbs, wwd, LowcyGier and 1 other person like this.
  26. RGiskardR

    RGiskardR Malware Tester Silver Member

    Hi guys, recently I contacted to Heimdal PRO support because I got a new auto-update version of the application (2.2.13) but couldn't find the change log of bug fixing/new features in their official site.

    The answer was fast and clear, as every time I've contacted to them, and here it is:
    Although They say in PRO (home) version didn't suffer any change in this update to 2.2.13, I've fond something new that I think it wasn't there! when I did the review of the product:

    HDPRO 2.2.13.png
    The "new feature" is in Patching System module, on the left column, which shows a table with all the status symbols that may appear in the column STATUS while an application is being patched. In my screen-shot my Libre Office application is been patched, and its status column shows the new version is being downloaded (...)

    Looking forward the new changes/features in the next version update!
    wwd, Gabbs and LowcyGier like this.

Share This Page