Cylance Smart Antivirus

[Deleted Member 3a5v73x]

Cylance Smart Antivirus is the first next-generation antivirus available to consumers and provides families with the only enterpriseclass security software designed for personal use. Using artificial intelligence, Cylance Smart Antivirus eliminates the need for updates and popups while it protects you and your loved ones against the latest cybersecurity threats.

Since there are users of it in the MalwareTips, discussion thread about Cylance Smart Antivirus for consumers needs to be open.

More info: Cylance Smart Antivirus - Home Security, Powered by AI

FAQ

Quick Start Guide

User Manual

 

[Deleted Member 3a5v73x]

So finally bought myself a copy of Cylance Smart AV. Purchasing through US/UK VPN with PayPal worked out. Software and dashboard is working fine without any limitations regarding my location in central Baltic States.

What so far caught my attention was that in their FAQ - What type and how many files are scanned? it says

Cylance Smart Antivirus only scans Portable Executable Files (PE), such as .exe, .dll etc.
Cylance Smart Antivirus does not do a traditional background threat detection, and will only scan active and opened files and processes. If a file on a secondary drive like an external hard drive is opened/copied/moved, this will trigger a process attached to the file at while point the Cylance Smart Antivirus Agent would scan it.

But this is not the case, it also identifies treats BEFORE execution. My example was originally an .bin file, and while renaming to .exe, Cylance caught it.

 

[Moonhorse]

Is there any videos worth watching of it out there

Personal - 1 device - 2 years for 40 bucks doesnt seem bad at all for anyone looking for paid solution

 

[rsonic]

limitations regarding my location in central Baltic States.

I asked on Reddit about this, the answer was:

"Currently, the product is only available in English, and only sold in US, Canada, UK, Wales, Ireland, Australia, New Zealand, and South Africa.
We're working right now on non-English releases. I don't have exact dates yet, but we will be releasing to additional countries in the near future.
VPNs are fantastic... You technically *could* use a VPN, but it wouldn't be supported. "

 

[Deleted Member 3a5v73x]

I asked on Reddit about this, the answer was:

"Currently, the product is only available in English, and only sold in US, Canada, UK, Wales, Ireland, Australia, New Zealand, and South Africa.
We're working right now on non-English releases. I don't have exact dates yet, but we will be releasing to additional countries in the near future.
VPNs are fantastic... You technically *could* use a VPN, but it wouldn't be supported. "

Yeah, just saw their comment on /r/Cylance but support did answer me on their zendesk support page and also in the email in less than 12h, so not sure what they meant by "..wouldn't be supported". Don't really need any other support from them right now other than few simple answers.

 

[Deleted Member 3a5v73x]

Is there any videos worth watching of it out there

Personal - 1 device - 2 years for 40 bucks doesnt seem bad at all for anyone looking for paid solution

None that I am aware of as of now, but you can check some of the latest ones in their official youtube channel. Cylance Inc.

This one is 4 years old, but should still be valid for general info about Cylance.

 

[ForgottenSeer 65219]

I'm really curious to know what is the false positive rate on this product.
Becuase I see much time it reports safe file as malicious on virus total.

 

[upnorth]

@davisd perhaps join up with the AV testers here on MT and share the results in the Malware HUB.

 

[Deleted member 178]

@davisd perhaps join up with the AV testers here on MT and share the results in the Malware HUB.

i predict big fail from Cylance LOL

 

[509322]

i predict big fail from Cylance LOL

Cylance will be the new craze on the forums until people start seeing problems. The new fanbois will hype it, promote it. Then there will be arguments that Cylance is the greatest thing since food. Eventually... Cylance will all go away just like every time before. Just like every other "This is the latest and greatest." You've seen it a million times in the 15+ years you've been on the forums.

It will sell because it feeds those people who do not, and don't want to, understand anything about their PC and its security (borrowed from Christian). The soft is for typical, average users. Security soft geeks should know better if they are really at an advanced user level within IT security.

People will just never get it. You cannot install a security soft on default Windows and expect, that all your security problems are gone... forever. The sad part is that people truly believe that this is possible. They believe that the next default-allow solution is somehow going to magically provide something way better than what already exists on the market.

Silly rabbits.

Just sit back and spectate and let it play-out.

 

[RoboMan]

i predict big fail from Cylance LOL

10USD via PayPal that if it's tested it's gonna perform great, go

 

[AlanOstaszewski]

This form of advertising and the suffix "Smart" in the product name are likely to attract many consumers with high expectations. I just hope Cylance can deliver on those high expectations. If not, it will quickly disappear from the consumer market and no one will know about Cylance.

 

[17410742]

why are people on here discrediting Cylance without knowing how it performs compared to its competition?

...what's all that about?

 

[Kubla]

This form of advertising and the suffix "Smart" in the product name are likely to attract many consumers with high expectations. I just hope Cylance can deliver on those high expectations. If not, it will quickly disappear from the consumer market and no one will know about Cylance.

They have to be pretty damn confident about delivering on those expectations, putting their reputation thus their corporate business on the line.

I can already see the negative advertising " Why would you put your network security in the hand of a company that could not protect an ordinary home PC"

One thing there is no doubt about and that is AI based threat protection is the future of the anti-malware business and they just got a good leap out front of the consumer market, I fully I expect others will follow suit.

 

[cruelsister]

what's all that about?

Some know exactly how it actually performs, thus the mockery...

 

[ForgottenSeer 58943]

FYI - starting a couple weeks ago I offered a free copy of Cylance (on my dime) to the hub testers to run through the hoops. So far nobody has taken me up on my offer. I'm actually pretty confident that it wouldn't be a disaster there so I was willing to foot the bill for it to see what would happen. The traditional pundits will come in and bash Cylance, Lockdown promoting SRP, CS promoting the Comodo Religion, etc. (no offense to those players, but that's guaranteed to happen)

I'm actually growing to be a bit of a fan of Cylance right now after being one of it's bigger critics but I only offer my recommendation of it provided there are some important caveats with that recommendation. The primary one being - you should have a URL/Traffic scanner paired with it. We tested Cylance here in the labs, it didn't perform all that astounding on a DMZ. But when we tossed it behind a reasonably qualified UTM/NGFW it was actually an excellent performer and offered some protections against some threats we've observed that few other technologies can address.

So I recommend Cylance be paired with a security focused router. Gryphon is the best. ASUS w/AiProtection, Norton Sphere, Bit Defender Box, F-Secure Sense, whatever.. As long as the router has decent URL filtration, then Cylance can run naked behind it and provide sufficient protection in most cases. Barring a router w/UTM like features I'd recommend pairing Cylance with Heimdal as Heimdal will offer incredibly potent URL/Traffic filtration encompassing one of the gaps in protection of Cylance. Or the hard combo of Cylance+OSArmor+Heimdal if you desire what likely amounts to impenetrable security. I still think Gryphon+Cylance is probably the best advanced combination I have found as that gives you ML/AI protection on your network, along with ML/AL protection on the endpoints, along with ESET/Zvelo for URL filtration.

We've found Cylance capable in an area most traditional suites fail - malware that doesn't exist but the moment it exists, it's usually detected. We've seen this exhibited with update channel compromises, tampered updates, altered malware and other things in testing. It actually appears quite potent in those areas. Coding an evasion to Cylance, I bet, is actually pretty hard for traditional malware coders which generally seem to alter existing malware to bypass traditional AV's since dataset fed into Cylance appears pretty extensive, and should spot it.

FP's with Cylance are infrequent, and should be paid attention to. After putting it on a few well used machines for testing we've only had a couple FP's over the weeks. We've had some extremely suspicious warnings that appeared like they could be FP's, but later evaluation showed us they weren't. So I guess we will see how this pans out. Each time Cylance comes up it causes a controversy..

 

[cruelsister]

Sly- Cylance is far from crap. However true penetration testing was done during their "Unbelievable Tour"; the difference in detection between the setup malware provided by C and the malware coded by nasty folk was severe.

I've said it before, but I hate it when Corporations think I'm stupid...

 

[vtqhtr413]

These 4 Antivirus Tools Are Using AI to Protect Your System

Smart Antivirus does, however, have some downsides. Unlike other antivirus suites with active monitoring, Cylance Smart Antivirus allows you to visit potentially malicious sites. I assume this is confidence that the product will stop malicious downloads, but it doesn’t protect against phishing attacks or similar threats.

 

[ForgottenSeer 58943]

These 4 Antivirus Tools Are Using AI to Protect Your System

Smart Antivirus does, however, have some downsides. Unlike other antivirus suites with active monitoring, Cylance Smart Antivirus allows you to visit potentially malicious sites. I assume this is confidence that the product will stop malicious downloads, but it doesn’t protect against phishing attacks or similar threats.

Hence my caveat about it. Toss it behind a competent UTM Router and you are gold - that's actually how it is designed to function. Otherwise, pair it with Heimdal and/or OSArmor to seal up the areas it's not designed to cover. Keep in mind, Cylance is designed to sit on a network behind something like a Fortigate, which is going to do the heavy lifting of IPS+URL Filtration+Traffic Analysis, etc. Knowing where it's weaknesses are, one can deploy it with good confidence assuming those weaknesses are addressed.

Oh, I'm afraid I didn't read that. I'd be willing to test it if you're okay with it. But not until tomorrow, because I'm not at home. I'd be very grateful.

Let's do this.. PM sent.

FYI - Cylance is now being licensed out to UTM/NGFW vendors. First out of the gate is Watchguard. Now every WG appliance updated to the latest FW has Cylance on the gateway prowling for new threats.

WatchGuard Technologies Launches Artificial Intelligence-Based Antivirus to Help Defend Against Zero Day Malware

 

[Sunshine-boy]

These 4 Antivirus Tools Are Using AI to Protect Your System

Add Eset, Kaspersky, Qihoo 360, WD, Sophos, TrendMicro, Bitdefender, and Symantec to this list.
Most Avs have local Ai(like Cylance) +cloud+BB or Hips like proeciton+sig and more...
it smees Cylance only have the Ai part and want $ for smth that others already provided me for free lol (like Kaspersky free or total security 360)

No Thnx :emoji_innocent: