Cylance Smart Antivirus

  • Thread starter Deleted Member 3a5v73x
  • Start date
Status
Not open for further replies.
D

Deleted member 178

Thread author
But I know Cylance is designed to be behind a UTM/NGFW and with other protects in place with DNS, GP's, etc. So I wouldn't even consider running Cylance naked
Sadly, the Cylance product we are talking about in this thread is the Home User version which is supposed to be ran naked on the system, Average Joe doesn't uses and masters UTMs/NGFWs, fancy routers and other post-exploitation apps like SysHardener or OSA.
So as i kept saying, it is a massive technical fail which is the total opposite of the "revolution" they announced.
Now as you said, i wont mind using Cylance on my system but not naked, and surely not as my main protection, Appguard and ReHIPS protect me way better. I wont pay for Cylance at its current state.
 
Last edited by a moderator:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Three questions about Cylance Smart Antivirus for anybody who's using/used this product:
  1. How light is it compared to a traditional antivirus? (I know each runs differently on different systems but just give me your opinions.)
  2. Does it monitor for malicious behaviour after a program has been executed?
  3. How painless is the refund process?
 
Last edited:
F

ForgottenSeer 58943

Thread author
Three questions about Cylance Smart Antivirus for anybody who's using/used this product:
  1. How light is it compared to a traditional antivirus? (I know each runs differently on different systems but just give me your opinions.)
Magnificently light. So light, in comparison everything feels heavy. I recently tested SEPC (which is VERY light) on the same system that was previously testing Cylance, and SEPC felt like a lead weight in comparison.

Does it monitor for malicious behaviour after a program has been executed?

It does. It's actually pretty good in some cases with this. For example if a process launches, then in the background updates itself, it will monitor such things for malicious activity. I've seen Cylance stop a 'tampered' Chrome update via the Chrome Update Service. That aspect impressed me.

How painless is the refund process?

Easy. Go here;
Customer Care Center

Fill it out with your order information. In 48 hours your refund will arrive.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Magnificently light. So light, in comparison everything feels heavy. I recently tested SEPC (which is VERY light) on the same system that was previously testing Cylance, and SEPC felt like a lead weight in comparison.



It does. It's actually pretty good in some cases with this. For example if a process launches, then in the background updates itself, it will monitor such things for malicious activity. I've seen Cylance stop a 'tampered' Chrome update via the Chrome Update Service. That aspect impressed me.



Easy. Go here;
Customer Care Center

Fill it out with your order information. In 48 hours your refund will arrive.
Very light. It's the only AV that I've installed that I can't immediately feel performance degradation.
Perfect. Thanks you two.
 

GreenCoconut

New Member
Aug 14, 2018
2
I have a few questions for the product Cylance Smart AV. I was browsing around looking for AV solutions, when I stumbled across Cylance Smart AV. I was initially impressed, until I realized that this product is really only a File Scanner that has a Behavioral component. These are now my questions:

1. Say a file, not yet determined as malicious, is ran and attempts to connect to a malicious server. These files don't use browsers to connect, so a web browser extension won't block this. Since CSAV doesn't had a Web Traffic Scanning component, how will it protect in this scenario?

2. Does CSAV have Application Control in this package?

3. Does CSAV have exploit protection? Since this product doesn't have a Firewall or a Firewall Booster even (eg. Trend Micro, Emsisoft, F-Secure.), how will it protect against hackers trying to exploit the system?

4. Will Cylance add the missing components anytime soon?
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
Sadly, the Cylance product we are talking about in this thread is the Home User version which is supposed to be ran naked on the system, Average Joe doesn't uses and masters UTMs/NGFWs, fancy routers and other post-exploitation apps like SysHardener or OSA.
So as i kept saying, it is a massive technical fail which is the total opposite of the "revolution" they announced.
Now as you said, i wont mind using Cylance on my system but not naked, and surely not as my main protection, Appguard and ReHIPS protect me way better. I wont pay for Cylance at its current state.

have we figured out or discussed differences between protection offered by Cylance Smart AV and CylanceProtect?? Maybe I missed that post. I for one am not sure (yet) and I have both, but have not had any opportunity yet to dig-in to Cylance Smart.
 

artek

Level 5
Verified
May 23, 2014
236
I have a few questions for the product Cylance Smart AV. I was browsing around looking for AV solutions, when I stumbled across Cylance Smart AV. I was initially impressed, until I realized that this product is really only a File Scanner that has a Behavioral component. These are now my questions:

1. Say a file, not yet determined as malicious, is ran and attempts to connect to a malicious server. These files don't use browsers to connect, so a web browser extension won't block this. Since CSAV doesn't had a Web Traffic Scanning component, how will it protect in this scenario?

2. Does CSAV have Application Control in this package?

3. Does CSAV have exploit protection? Since this product doesn't have a Firewall or a Firewall Booster even (eg. Trend Micro, Emsisoft, F-Secure.), how will it protect against hackers trying to exploit the system?

4. Will Cylance add the missing components anytime soon?


1. Say a file, not yet determined as malicious, is ran and attempts to connect to a malicious server. These files don't use browsers to connect, so a web browser extension won't block this. Since CSAV doesn't had a Web Traffic Scanning component, how will it protect in this scenario?

If the file runs without being detected it won't stop the traffic. If you want something that does, you should be using an outbound firewall of some sort. Web traffic scanning is generally very poorly done by Anti-Malware programs to the point where they introduce vulnerabilities into the system that weren't there before. If the address that the malware connects to isn't in your web-components database it wont stop the connection out anyway, so you are serviced far better running something like commodo firewall than relying on a traffic scanner by an anti-virus.

2. Does CSAV have Application Control in this package?

What do you mean by application control?

3. Does CSAV have exploit protection? Since this product doesn't have a Firewall or a Firewall Booster even (eg. Trend Micro, Emsisoft, F-Secure.), how will it protect against hackers trying to exploit the system?

I'm not certain about the exploit protection. I haven't read anything suggesting that it dosen't, but that does not mean that they've included it in the home-user version. Trend, Emsisoft, F-Secure all leverage the windows firewall. The windows firewall is excellent at stoping inbound attackers by itself. They each have their own scheme to bolster it, but if you want something that will control outbound connections you're far better off with WFC or Comodo.

4. Will Cylance add the missing components anytime soon?

I don't think anyone knows the answer to this.
 
D

Deleted member 178

Thread author
1. Say a file, not yet determined as malicious, is ran and attempts to connect to a malicious server. These files don't use browsers to connect, so a web browser extension won't block this. Since CSAV doesn't had a Web Traffic Scanning component, how will it protect in this scenario?
it won't. CSAV isn't a suite, it is just an barebone AV, it doesn't have any firewall capabilities.

2. Does CSAV have Application Control in this package?
Nope.

3. Does CSAV have exploit protection? Since this product doesn't have a Firewall or a Firewall Booster even (eg. Trend Micro, Emsisoft, F-Secure.), how will it protect against hackers trying to exploit the system?
CSAV isn't an Anti-exploit; so it won't do a things against them. For that, you needs softs like HMPA, MBAE or use Windows 10 Exploit Guard

4. Will Cylance add the missing components anytime soon?
i dont think so.
 
D

Deleted Member 3a5v73x

Thread author
Thank you to all that answered my questions. Man, it really is difficult to find inexpensive AV’s that are effective. Looks like I’m going to reconsider G Data again.
Don't be fooled by misinformation. Cylance Smart Antivirus is very good at what it does and protects from, understand that it's been out for home user market for less than a month only.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
This is a statement from Cylance regarding their engine

"The Cylance engine is not an antivirus engine. Unlike AV, it doesn’t have a bias toward letting everything run. The technology doesn't assume a file is good until it’s evaluated. Our approach is to measure and decide on each and every file individually, and if it doesn't fit into our model of good, it leans towards bad."

You can read the full statement here: Here's why the scanners on VirusTotal flagged Hello World as harmful
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top