Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
A Cylance Smart Antivirus Quickie
Message
<blockquote data-quote="Libera Milanesi" data-source="post: 758253" data-attributes="member: 74385"><p>About the script comments, I'd think that a review demonstrating the weaknesses of Cylance (non-PE's) is beneficial anyway, otherwise someone could end up sifting through many reviews without realizing those weaknesses (and may never realize until it is too late!). It's normally expected for an Anti-Virus product to be capable of scanning scripts and not just traditional PE's, even if most Anti-Virus products aren't "good" with it.</p><p></p><p>There is a lot of script-based malware out there... For the past few years in the analysis labs, I've seen a majority of the scripts I get handed to be acting as a down-loader for the main payload - you have to work fast sometimes before the C&C servers/downloads become inactive.</p><p></p><p>Cylance could always consider Antimalware Scan Interface (AMSI) on Windows for Windows 10 and above environments. It will provide some script scanning capabilities for them to integrate into their product. I recently had to make some adjustments to our implementation of it before the holidays. You can read more information about it here: <a href="https://docs.microsoft.com/en-us/windows/desktop/AMSI/antimalware-scan-interface-portal" target="_blank">Antimalware Scan Interface</a></p><p></p><p>I've seen Cylance perform quite well when it is used in combination with other products for a layered protection configuration. I've also seen it fail though - and I have seen other vendors fail a lot harder too. They have definitely been improving since they started up and I'm looking forward to the progress with it.</p></blockquote><p></p>
[QUOTE="Libera Milanesi, post: 758253, member: 74385"] About the script comments, I'd think that a review demonstrating the weaknesses of Cylance (non-PE's) is beneficial anyway, otherwise someone could end up sifting through many reviews without realizing those weaknesses (and may never realize until it is too late!). It's normally expected for an Anti-Virus product to be capable of scanning scripts and not just traditional PE's, even if most Anti-Virus products aren't "good" with it. There is a lot of script-based malware out there... For the past few years in the analysis labs, I've seen a majority of the scripts I get handed to be acting as a down-loader for the main payload - you have to work fast sometimes before the C&C servers/downloads become inactive. Cylance could always consider Antimalware Scan Interface (AMSI) on Windows for Windows 10 and above environments. It will provide some script scanning capabilities for them to integrate into their product. I recently had to make some adjustments to our implementation of it before the holidays. You can read more information about it here: [URL="https://docs.microsoft.com/en-us/windows/desktop/AMSI/antimalware-scan-interface-portal"]Antimalware Scan Interface[/URL] I've seen Cylance perform quite well when it is used in combination with other products for a layered protection configuration. I've also seen it fail though - and I have seen other vendors fail a lot harder too. They have definitely been improving since they started up and I'm looking forward to the progress with it. [/QUOTE]
Insert quotes…
Verification
Post reply
Top