Please report this video to EXE radar developer (I'm not the author of this video). After asking this youtube channel of this yesterday evening, they immediatly uploaded a video.. I don't know if it's a bypass, so I used quotation marks. Happy easter to all
Guys don't panic. Look at Panda's bypassed video comment section. They are a Cylance and CB reseller as well. Finally, the actual weakness is in Windows 7 and it's Powershell version 1.0 or 2.0 - all product will fail as they will use all types of powershell attack tools and will always bypass...if not file based, fileless will work as well, after I mentioned about "Invoke Obfuscation" powershell method Carbon Black won't be able to block as well, look at their answers....they still need to combine with Logrhythm or CyberShark to detect. Don't worry guys....trust your own product. Look at this video then you will understand...no security product at this moment can 100% protect you against advanced powershell attack especially fileless based attack. If only their video ran on Windows 10, disable Powershell 2.0, enable Windows Defender, enable your product...if run the exact same attack from the current video of your product...it will fail to bypass..but of course, if they were to reproduce another video running on windows 10, they will surely leverage the attack to another level.
If your product is running on Windows 10 or server 2016, disable Powershell 2.0, running fully on Powershell version 5, setup logging in Events, GPO, setup Logrhythm/Cybershark or other similar tools, install your product ensure support AMSI, Enable Windows Defender and secure it.. then you are protected from the most advanced powershell attack...except invoke Obfuscation Powershell Attack which needs close monitoring on your networks and system event.