App Review Cylance Smart Antivirus 2018 Bypassed

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
So much for Next-Gen AI/ML:



But hey... at least it doesn't hog your system resources.
 
Cylance is just a basic and light antivirus, nothing else. If you think integrated AI/ML (mathematics) is a silver bullet, you need to catch a bullet too, I'm sorry.


You're right, but it seems that the developer of kyrox ransomware has bypassed several other antiviruses.
 
You're right, but it seems that the developer of kyrox ransomware has bypassed several other antiviruses.
It's good, because people will maybe start to reconsider their security, that AVs aren't enough, and discover Anti-exe/Sandbox/SRP. For changes to take place in people's mindset about online security, a global digital catastrophe needs to happen, and it will, it's just a matter of time.
 
Laughing.... this is good. And this is what products deserve when they promise too much.

Cylance says they are two years ahead of the adversary.



I guess kyrox ransomware is 2.1 years ahead of Cylance.

I (surprisingly) now like Cylance. I think they do have a more effective algorithm for certain classes of malware.

But it should just be a module in a more comprehensive product --- I think.
 
Cylance is a good product, it is very light and unobtrusive with a nice detection rate; the problem is that AI/ML has many limitations and the lack of frequent "training" updates makes it a big problem.

I like the product, but I hate the marketing of Cylance. If AI/ML was the silver bullet, the end game of malware protection, vendors like Kaspersky/ESET/Norton would love to roll with it alone and discard the old and somewhat expensive signature protection model (human analysts x servers to deliver updates x testing beds).

AI/ML needs constant retraining and updates to stay effective and ahead of the curve, it isn't very different from "traditional" antivirus engines (they are hybrid nowadays anyway) ...
 
It goes without saying that many other vendors have "AI/ML" model implementations and have done for several years - some vendors offer their technology to other companies through a licensed SDK as well (Bitdefender and Avira do this).

Cylance would become more known and would make more buck if they followed the SDK route because I am sure they would be able to find companies who would want to adopt their technology alongside their own (be it for non-commercial or commercial reasons).
 
And, like other security programs that have things get past them, the developers at Cylance will hopefully use this example to make their product better.


The problem is that against kyrox ransomware have also failed: Malwarebytes, SecureAPlus, Eset, Avast, Kaspersky... and others. There are many who have to make their products better.
 
The problem is that against kyrox ransomware have also failed: Malwarebytes, SecureAPlus, Eset, Avast, Kaspersky... and others. There are many who have to make their products better.

I did a quick Google search and didn't see the answer.... do we know what products were successful in blocking Kyrox?
 
All we actually see is the system rebooting and a .NET application (guessing) being automatically run (preferably via the HKLM/HKCU AutoRun key) which happens to list a bunch of files which may or may not actually exist. Even if the file enumeration is real, that does not mean the files are actually being modified.

I'm not saying that Cylance hasn't been "bypassed" by the author of this video, but neither am I agreeing that it has been - no one has shared concrete evidence to validate that Cylance has been "bypassed" in this video.

There's no point caring about the results of something when there is insufficient evidence to validate whether the source and test conclusion/s are credible or not.
 
I did a quick Google search and didn't see the answer.... do we know what products were successful in blocking Kyrox?


It certainly does not bypass Comodo sandbox (there is a video showing kyrox started in sandbox) and I do not even think of the SRP programs.
 
The problem is that against kyrox ransomware have also failed: Malwarebytes, SecureAPlus, Eset, Avast, Kaspersky... and others. There are many who have to make their products better.
Probably this is true with default settings, but tweaking properly some of those products...
 
Probably this is true with default settings, but tweaking properly some of those products...


I absolutely agree with you. The programs have been tested with the default settings and we know very well that with some changes the software greatly improves. But how many users use default settings? I think the majority.