- Microsoft trying to say: look, HIPS products can work with KPP
- Sophos saying: we have HIPS too
To make it even clearer: running an executable in an emulator and watching its actions (
observing the genes) isn't new, Sophos isn't the first (or even the best) at it and it certainly isn't HIPS.
Repeat after me: heuristic detection != HIPS.