Cylance Smart Antivirus PC MAG Review

[509322]

Test Bitdefender Internet Security 22.0 for Windows 10 (181491)

On a high-end system, like you said, 23% slower launching of popular webpages by bitdefender. A significant slowdown if I don't say so myself.

Norton slows down the browsing of web-pages on a high end PC by 14%
Test Norton Norton Security 22.12 for Windows 10 (181416)

Avira seems fairly fast here with only 6% slower launching of popular webpages: Test Avira Antivirus Pro 15.0 for Windows 10 (181480)
However Av-Comparatives indicates that Avira has a significant performance impact when downloading files: Performance Test April 2018 | AV-Comparatives
Which is odd, because AV-Test shows that Avira is relatively quick at this, and probably indicative that the performance impact differs from system to system. But this begs the question. If Cylance can match and beat the detection rate of these products without this kind of negative performance impact why use this type of protection at all.

People with high-end PCs, particularly in the enthusiast markets are paying several hundreds of dollars for 10%+ performance. How do you think they feel about losing 14% of that to their anti-malware?

Protecting against undetected malware sounds like the webroot approach. It's not without merit, but I'd much prefer something with a high initial detection rate because I feel like remiditation is a fools game at best. I would much rather be notified post-infection and start over fresh.

I have all i7 systems and I cannot detect any meaningful difference between a soft that causes 6% and 25% browser launch slowdown.

When you're dealing with seconds, 6% and 25% increases are still small numbers not very detectable by most humans. Most people don't care one bit about the slowdown even if they are on a $2,500+ dollar system. In fact, except for one or two, they are thinking about such things. They are lucky if the even bothered to install any security softs.

I've used Cylance. I've had subscriptions. It's a standalone antivirus that does not provide full protection.

If you want the greatest protection with the least system impact and annoyances, then SRP is the answer. It always has been.

 

[Kubla]

Don't get me wrong, I love how lightweight it is. More specifically, how it 'feels' on your system, it really does feel like there isn't any AV running at all which is exceedingly nice. I'm pretty much recommending Cylance to people with caveats.

I believe Cylance should be more than enough (with the caveats below noted) to provide a near zero weight/impact and solid protection. Barring a UTM/NGFW on the gateway, I would pair up Cylance with OSArmor and Heimdal. That's just my opinion, I probably wouldn't run Cylance vanilla with nothing else and would choose one or the other.

With all of the negatives and/or questions, I will post what I like (love?) about Cylance;

1) Administration Panel - I like web panels for my security. Force of habit from the corporate world. While short on settings, Cylance has a speedy, attractive panel where you can quickly get a sight on your devices and see what is going on, and whitelist/etc. Very nice.
2) Weight and Speed - systems feel FAST with Cylance on them. No mistaking that! Impressively light..
3) Strong Awareness of application integrity and anomalies. I'm picky, I want to know if any application, module or update diverges from the norm. Cylance provides that awareness by alerting to anomalies. I have confidence if anything gets hijacked, altered/tampered, or something with an application update channel gets replaced with a subverted module Cylance WILL find it and alert.,
4) Spartan interface - love it! I'm tired of bloat, like you. Give me the data I need and stop giving me flashy whistles and lights.
5) Enthusiasm - let's face it, there is a lot of enthusiasm around Cylance. It's contagious. You know the people there probably love the product and it shows. Nobody gets excited (or cares) about Avast anymore. Cylance is doing cool things and has an edgy feel to it. ;-)

So would I recommend Cylance? After 2 weeks of toying with it, I am shifting it to my recommendation category with caveats*

1) You probably need a router/firewall with some UTM features w/Cylance. (pick a brand)
and/or
2) You probably should pair it up with Heimdal and/or OSArmor.

Cylance+Gryphon is so good, I think it's my recommended combo for anyone looking to get a couple different artificially intelligent technologies working on their network and systems that totally compliment each other. Since both of them use ML/AI, and both would totally compliment each other, it's like the perfect combo IMO. Gryphon is going to seal right up any potential areas Cylance might falter.

Here's my 15 second marketing graphic for this combo;

View attachment 193905

I am leaning toward the Cujo AI the only thing that bugs me is if you use a VPN on one of your devices it will not protect that device, perhaps that is inherent in these types of devices? I am going to do some more research on the Gryphon.

 

[ForgottenSeer 58943]

I am leaning toward the Cujo AI the only thing that bugs me is if you use a VPN on one of your devices it will not protect that device, perhaps that is inherent in these types of devices? I am going to do some more research on the Gryphon.

A VPN encapsulates your traffic in an encrypted tunnel (IPSEC, etc). Thus, bypassing security on your own network that isn't on the endpoint directly. So yes, if you had a Cujo, a VPN would totally bypass it's protection but only on THAT endpoint. Good VPN's, such as Fortinet, Cisco, Juniper, etc. can utilize Split Tunnel Mode, which routes local internet traffic through the local WAN, while preserving the VPN through the VPN tunnel.

Cujo is pretty good. It can function in primary/direct mode as the authoritative DHCP OR you can bridge it behind your normal router providing traffic inspection, URL filtration, etc. The general, most common setup for Cujo is to plug it into your existing router, Cujo will take over DHCP (authoritative) and become the primary DHCP server and all network activity will be protected.

Gryphon can function in a similar manner, but since it is one of the most powerful routers available I recommend replacing any existing router with Gryphon and having it control everything and every device routing through it. Otherwise you CAN bridge it behind your existing router, but you'd be neglecting the powerful WiFi power of Gryphon. Aside from that, it functions quite similar to Cujo but Gryphon does have more mature parental controls.

BOTH utilize machine learning/AI in how they function. Both will protect you and offload URL scanning to hardware so you can spare your endpoints from doing it. Cylance+Gryphon or Cujo would put two technologies using AI/ML on your network. One of the best defenses against advanced threat technologies is AI/ML simply because those techs introduce unknown variables a threat or threat actor can't always factor. Signature based systems with largely stagnant technology are 'known' entities with common metrics. Just my opinion on that of course.

If you already have a very good router then IMO Cujo would sufficient. If you want a super powered router and WiFi, with AI/ML network security, Gryphon is the only choice. I'd advise to do some research. Gryphon uses up to date, state of the art technology from ESET's Corporate Division. Cujo doesn't disclose where/who they get their threat technology and URL databases from or any licensing information.

 

[artek]

I have all i7 systems and I cannot detect any meaningful difference between a soft that causes 6% and 25% browser launch slowdown.

When you're dealing with seconds, 6% and 25% increases are still small numbers not very detectable by most humans. Most people don't care one bit about the slowdown even if they are on a $2,500+ dollar system. In fact, except for one or two, they are thinking about such things. They are lucky if the even bothered to install any security softs.

I've used Cylance. I've had subscriptions. It's a standalone antivirus that does not provide full protection.

If you want the greatest protection with the least system impact and annoyances, then SRP is the answer. It always has been.

I don't know how you can speak about "most people" so callously. I can tell the difference. What are the most common complaints you hear about bitdefender and kaspersky? "They make my system feel slow." There's a whole brand of testing concerned with measuring performance impact - the industry is pretty clearly paranoid about performance impact. It must be on a consumers mind, otherwise why bother with all the tests? If they weren't thinking about it, it'd be like the inbound testing for consumer firewalls. Done once and never again.

 

[Deleted member 178]

What are the most common complaints you hear about bitdefender and kaspersky? "They make my system feel slow."

Those who complains are not "most people", those you don't heard of are.

 

[Azure]

I don't know how you can speak about "most people" so callously. I can tell the difference. What are the most common complaints you hear about bitdefender and kaspersky? "They make my system feel slow." There's a whole brand of testing concerned with measuring performance impact - the industry is pretty clearly paranoid about performance impact. It must be on a consumers mind, otherwise why bother with all the tests? If they weren't thinking about it, it'd be like the inbound testing for consumer firewalls. Done once and never again.

Quick question, when you used Bitdefender did you ran a system scan? Read on the forum that can help add known clean files to cache and prevent them from being scanned

 

[ForgottenSeer 58943]

Quick question, when you used Bitdefender did you ran a system scan? Read on the forum that can help add known clean files to cache and prevent them from being scanned

Active/Passive caching. I think most AV's have some sort of system for this. AVG for example, after the intitial scan feeds exceedingly lightweight because of the caching. I will agree though in that many products add sluggishness to a system in one way or another. Either big directory loads, websites, updates, file launching, etc.

 

[artek]

Quick question, when you used Bitdefender did you ran a system scan? Read on the forum that can help add known clean files to cache and prevent them from being scanned

I did.

 

[509322]

I don't know how you can speak about "most people" so callously. I can tell the difference. What are the most common complaints you hear about bitdefender and kaspersky? "They make my system feel slow." There's a whole brand of testing concerned with measuring performance impact - the industry is pretty clearly paranoid about performance impact. It must be on a consumers mind, otherwise why bother with all the tests? If they weren't thinking about it, it'd be like the inbound testing for consumer firewalls. Done once and never again.

You don't have to convince me that AV and IS suxx. I already know all the problems - and there is a long list. On the whole I don't disagree with you. The worst resource hog that I know of is Windows 10's Antimalware Service (Windows Defender) that obviously impacts an i7 4720HQ. However, Bitdefender and Kaspersky don't impact the system half as much. It has always been a highly version-system specific issue instead of a pervasive one.

I also know that the Average Joe isn't concerned nor looks at AV lab tests of any kind. They don't even know that AV labs exist. The industry does need to worry about it. But then I look at the numbers and I know from experience that the lab tests are sometimes splitting hairs and not necessarily indicative of what people experience on their own specific systems. AV test lab results are more or less a guideline, an indicator if you will.

 

[ForgottenSeer 58943]

Windows Defender is an epic system hog.

I love when I perform a Win10 Reset on my boxes and after it's done they feel 5 times heavier until WD is disabled in group policy. Such a pile..