_CyberGhosT_

Level 53
Content Creator
Trusted
Verified
I noticed that @_CyberGhosT_ has been using DeepArmor for a while, and he seems to like it. In fact, it is one of the key components in his new config. Maybe CG can share his experiences...

I tried out DeepArmor only very briefly, a month or two ago. It looked good, but I just didn't have the time and patience to be an early beta guinea pig.
I don't have the time now, but yes, in the near future I need to write something up concerning my time with DeepArmor. Soon brother ;)
 
Would like to try some of these programs and some other "AI" programs. Unfortunately the companies don't want me until I start a company with a few hundred employees.
Yes, that is a major problem with next-gen AV. Companies will not even reply to emails if you want less than 250 licenses.

I wish they would allow re-sellers like Cylance does so we can use their software.
 

Myriad

Level 7
Verified
"AI", "Fuzzy logic", "Heuristic Analysis".

None of those are new, only the use of those terms for "Whiz, Flash, Bang" advertising blurb is new.

One cola maker brings out a "diet" version, and then the rest join in, rapidly .... "monkey see, monkey do".

AV vendors are truly scraping the barrel, in a desperate attempt to keep a hold of their market share.
A once very lucrative industry is now heading the way of steam engines, and they know it!

Just my 2 cents .... sorry if it comes across as cynical :)
 

shmu26

Level 80
Content Creator
Trusted
Verified
Yes, that is a major problem with next-gen AV. Companies will not even reply to emails if you want less than 250 licenses.

I wish they would allow re-sellers like Cylance does so we can use their software.
I somehow got into the beta of DeepArmor, but it took them a few weeks to reply to my application, like they warned me at the time I signed up.

I reinstalled DeepArmor today, and ran a few clean programs. Basically, I saw that it flagged the kind of thing that Qihoo 360 would block, such as programs that start up from unusual locations, or that run an exe located in a temp folder, or toolboxes that contain all sorts of Windows-fixing apps.

All of that is forgivable, and even understandable.

The one real FP I saw was the updater for FOXIT PDF reader.
 

tim one

Level 21
Trusted
Malware Hunter
Verified
"AI", "Fuzzy logic", "Heuristic Analysis".

None of those are new, only the use of those terms for "Whiz, Flash, Bang" advertising blurb is new.

One cola maker brings out a "diet" version, and then the rest join in, rapidly .... "monkey see, monkey do".

AV vendors are truly scraping the barrel, in a desperate attempt to keep a hold of their market share.
A once very lucrative industry is now heading the way of steam engines, and they know it!

Just my 2 cents .... sorry if it comes across as cynical :)
Unfortunately, I find a truth in that. Marketing and business are the basis of everything.
Only a few people can really confirm the robustness of a claim about a maybe "new" AI implementation on the home page of an AV vendor.
 

XhenEd

Level 27
Content Creator
Trusted
Verified
Most AVs now use "AI", well at least all the known AV vendors, because of machine learning and other things. :)

But depending on one's perspective, you may say that no one is using "AI" because "AI" does not exist (yet). :D

So, if a company says they have AI, they mean machine learning, at best. :D
 

vemn

Level 6
Malware Hunter
FireEye - hmmm, not really a fan of it... but yes to its Mandiant, only.
Cylance - appearing everywhere nowadays with the claim of no updates required for 6 months.
Does anyone know why?
CrowdStrike - Rising topic in my region as well, any reviews?
 

Kubla

Level 6
AI in security software is more of a marketing gimmick than anything else - Eugene Kaspersky.

Machine learning is based upon pattern matching on a large-scale. It's nothing more, nothing less. And don't let anyone tell you otherwise.

The predictive part of machine learning is still as dumb as a rock today as it was yesterday.

InfoWorld article:

The truth behind AI, machine learning, and bots
According to this:
Signature-based malware detection not as good as AI, says ICIT paper

The report, published by the Institute for Critical Infrastructure Technology (ICIT), said that it is “no longer enough” to detect and respond to cyber-attacks and that artificial intelligence (AI) is necessary to offer the predictive quality that can give organisations a “much-needed edge on their more sophisticated, less burdened, and more evasive adversaries”.
However, the article also states:
“Many ‘silver-bullet’ vendors offer faux-AI solutions that operate on imprecise algorithms, that do not draw from large enough data pools, or that do not analyse files according to enough features. These solutions cannot precisely evaluate files at a granular level. Other, worse solution providers tout machine learning capabilities, but really only offer the application of ‘exception’-derived signatures to generic templates,”
Are any of the products mentioned real AI solutions?
 

Winter Soldier

Level 25
Artificial intelligence: amazing!
Algorithms able to protect your online life, independently.
This simplified approach helps to make clear how far away safety is in the game we're playing, in cybersecurity.
If we talk about zero-day exploits, this threat is more complex than we can imagine.

It seems that this is the year of Artificial Intelligence, researchers and analysts say that (maybe they said this also in 2016 :D), but the roadmap is traced.
For sure, the high capacity of analysis may allow you to elevate the ability to identify vulnerabilities and create patches before malware is developed thanks to those vulnerabilities.

Many years ago, the safest way to protect the user was to install a good and simple antivirus on their machines.
Prehistoric era now, but the road is the same. Demonstrate to the user "into the wild" the effectiveness of the strategies.
Today really, a defense based on traditional antivirus, also with good heuristic algorithms and behavioural blockers, may not be enough against the next-gen malware: antivirus vs ransomware has marked the final inadequacy of the initial idea of protection based on control of incoming packets.

In my opinion, the network has to be examined in its behavior, the patching should be applied, the information and the data should be classified. The policy should be adequate to the protection processes.
At this point, the effectiveness of the artificial intelligence has to be demonstrated and we will know if it enhances its role in safety.
 