Cylance Smart Antivirus

  • Thread starter Deleted Member 3a5v73x
Status
Not open for further replies.
Deleted Member 3a5v73x

Thread author
How many tests do you need in order to prove you fanboys that Cylance still needs a hard work to be close to a "perfect solution"? If you find the Hub testing not realistic I suggest you to do your own tests and share them here. We will be surely amazed by your work! :)
Who exactly are fanboys of Cylance? Does asking a question about a product momentarily get me placed in a fanboy list? If it is like that, I understand. I thought it would be interesting to read different opinions. :emoji_disappointed:
 

In2an3_PpG

Level 18
Verified
Top Poster
Content Creator
Well-known
Nov 15, 2016
867
I haven't tried CylancePROTECT so I have no idea, but somebody said it could protect against scriptors while Cylance Smart AV is totally useless against fileless malware.

@mekelek was testing CylancePROTECT in the hub back in April-May of this year. He first started testing it without the policy enabled for:

  • Block script threats and instantly terminate
  • Block and instantly terminate upon memory threat triggers
  • Block and instantly terminate upon file threat triggers


CylancePROTECT seemed to test poorly before he enabled these in his policy. Afterward Cylance seemed to improve but was obviously not perfect.
 
ForgottenSeer 58943

Thread author
I'm setting up to test it again. Hope the CPYOU is enuff.



I said day one - pair it with adjuncts and move on. You'll be safe. Anyone can construct bypasses for anything on Windows but the chance of delivery on normal home users is virtually zero as the normal vectors those threats use aren't present. Testing tends to remind me of lock/lock picking aficionados where they rip apart supposedly unpickable locks under ridiculous synthetic situations, then claim the locks suck. Many know better.

The very nature of some here calling people fanboys is not only trolling, but it sets up the premise that the tests may not be completely unbiased. Anyone involved in testing and engineering (as a profession) knows about bias result constructs and selective omissions.

I won't needlessly defend Cylance from all manner of tests, results or opinions because I already said you should pair it to deal with vectors. But I feel that way about all solutions. We must realize that there are many things one must evaluate when deciding on a solution that works for you. Some people demand lightweight, some go for looks, others go for functionality and a couple use Comodo no matter what. :p
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
Some people demand lightweight, some go for looks, others go for functionality and a couple use Comodo no matter what. :p

Funny to me that the best/most interesting way I can think of at this point to use Cylance a-v at home (without adding other h/w and/or s/w) is to add it with Comodo to use it in place of Comodo's missing Viruscope.

Seriously, my impression is that it might turn up interesting things, which is great :), but that makes it more like Heimdal for the kernel than an a-v. On the other hand, I can well see the value of running Cylance on a network that is properly configured and monitored, set up with the proper policies etc. Where script is confined by policy, Cylance is basically just noting interesting activity that the others don't detect as potentially dangerous.

For home users, I think Cylance might have a bigger challenge, because home users have to be the IT staff themselves, while they tend to know little about the subject. Pairing C-L with OSA still sounds kind of interesting for that situation, but for overall protection, I probably still want Comodo there too, because the protection scheme seems to match best with what Cylance does. I have a PC that I might try this combo on. For now, it's just running Comodo Firewall...
 
Deleted member 178

Thread author
How many tests do you need in order to prove you that Cylance still needs a hard work to be close to a "perfect solution"?
Cylance is overrated (because of its over-biased marketing) and doesn't perform better (or badder) than a classic AV, no need 18 pages and dozens of tests to verify; at page 1, me, @cruelsister and some predicted the fail, it happened as expected.
Cylance Smart AV is a stripped version of CylanceProtect, so those with a bit of knowledge about Cylance didn't expect miraculous results.
 
ForgottenSeer 69673

Thread author
I installed it last night and this morning I did a static test on about 40 samples. I had also installed Kaspersky cloud AV.
Kaspersky caught all but the 6 Cylance caught. It appears to work like Protect. The files remain after quarantine but are not clickable or accessible.
There was one exe that neither Cylance nor Kaspersky touched. Later, when I get back, I will send that sucker to VT and see if anything flags it.
 
509322

Thread author
Cylance causes controversy, like I posted earlier, not necessarily because of the product itself, but instead because of what the people running the company have done and continue to do.

A lot of people will continue the backlash against Cylance as a matter of principle. And those people do not care about whether or not a few security soft geeks are trying to evaluate the product and what the results might be.
 
ForgottenSeer 58943

Thread author
I installed it last night and this morning I did a static test on about 40 samples. I had also installed Kaspersky cloud AV. Kaspersky caught all but the 6 Cylance caught. It appears to work like Protect. The files remain after quarantine but are not clickable or accessible. There was one exe that neither Cylance nor Kaspersky touched. Later, when I get back, I will send that sucker to VT and see if anything flags it.

Cylance seems to hide+lock threats until full qualification is made. Once it's determined (fully) to be malicious, then it's purged. If it is determined safe, or you allow it, then the flags are removed and Cylance unlocks the file right back where it was. This is also why testing must be carefully conducted as many on-demand scanners will detect those benign hidden+locked files as being actual malware sitting there. You can demonstrate this for yourself, download malware, wait for Cylance to lock it for qualification, then scan the folder with HMP or Zemana, the malware will show up as being there. Don't trust secondary scans without manually inspecting the folder each time (AND the temp folders, etc) to make sure the file is actually there, in many cases, it won't be but those scans may make you think the machine isn't clean. I've noticed on 'tests' that secondary scans showing an unclean machine are actually files that are contained but have flags, and still show up on secondary scans. A hit and quarantine, reported as a miss.

Just absurd and ridiculous on multiple levels.

 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
825
Cylance seems to hide+lock threats until full qualification is made. Once it's determined (fully) to be malicious, then it's purged. If it is determined safe, or you allow it, then the flags are removed and Cylance unlocks the file right back where it was. This is also why testing must be carefully conducted as many on-demand scanners will detect those benign hidden+locked files as being actual malware sitting there. You can demonstrate this for yourself, download malware, wait for Cylance to lock it for qualification, then scan the folder with HMP or Zemana, the malware will show up as being there. Don't trust secondary scans without manually inspecting the folder each time to make sure the file is actually there, in many cases, it won't be but those scans may make you think the machine isn't clean.



The last lines are true.. MBAM and many SOS flagged scheduler tasks by malware without anything inside that folder.. they are 0 bytes..
which indicates too rigid blind signature-based detection.. MBAM especially, oh god!!
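
The manual check described in the two posts above, automated as an added example (not code from the thread or from any vendor): it sorts the paths a second-opinion scanner reported into absent, 0-byte, locked, or readable, and treats only readable files as misses. It assumes a contained file fails to open for reading, as the posts describe; the function names and the sample files are constructed for illustration.

```python
import os
import tempfile

def classify(path, opener=open):
    """Classify one path that a second-opinion scanner reported as malware."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return "absent"            # stale report: nothing on disk
    except OSError:
        return "locked"            # even the metadata is denied
    if st.st_size == 0:
        return "empty"             # 0-byte remnant, nothing to execute
    try:
        with opener(path, "rb") as fh:
            fh.read(1)
    except FileNotFoundError:
        return "absent"            # removed between stat and open
    except OSError:
        return "locked"            # present but unreadable (assumed contained)
    return "live"                  # readable content: needs manual review

def triage(flagged_paths, opener=open):
    """Group scanner hits by state; only 'live' entries are counted as misses."""
    report = {"absent": [], "empty": [], "locked": [], "live": []}
    for path in flagged_paths:
        report[classify(path, opener)].append(path)
    report["real_misses"] = list(report["live"])
    return report

if __name__ == "__main__":
    # Constructed sample: harmless files standing in for scanner hits.
    with tempfile.TemporaryDirectory() as d:
        live = os.path.join(d, "sample_a.bin")
        empty = os.path.join(d, "task_remnant.job")
        gone = os.path.join(d, "already_purged.bin")
        with open(live, "wb") as fh:
            fh.write(b"constructed test bytes")
        open(empty, "wb").close()
        for state, paths in triage([live, empty, gone]).items():
            print(state, [os.path.basename(p) for p in paths])
```

A "locked" result only says the file could not be read; confirming that the AV is the one holding it still means checking the product's own quarantine log.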
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
Final Version of the Software. You acknowledge that any Free Software may contain features, functionality or modules that will not be included in the final production version of the Software. Cylance reserves the right to change, modify or discontinue functions or features of the Software in the final production version.

Does this mean that the temporary free promo version is actually a beta?
 
ForgottenSeer 58943

Thread author
Beta? Possible.

But getting it out there into millions of hands = brilliant for increasing the data fed into their AI/ML systems though. What do you think the purpose of FortiClient for Free is? Not generosity. Avast/AVG does this but for advertising/telemetry/datamining. :D
 

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
630
<Mods please delete this comment>
 

artek

Level 5
Verified
May 23, 2014
236
Paywall goes down, have it at boys.

Election 2018

Also.. I have some news about Askalan's hub testing of Cylance that should be reported here but I hesitated as I do not like controversy. The poor results were a VM issue. (I discovered his VM was configured with too few resources to conduct a test) Once corrected, Cylance scored 100% on the last pack. Hopefully Askalan will weigh in on this.
I tested everything and I got the same result as you said, 7/10 static + 3 more on execution but still missed everything else. Nothing has changed. 3 days passed
the 7th sample made the system unbootable and it didn't get better


haha, my room temp was 32*C at the time of testing. It should be a cause of these poor results over all testing machines

I'm kind of confused here. How are two people doing the same test and getting completely different results?
 
ForgottenSeer 58943

Thread author
If one is obsessed with every new burger in the market then it is a disease.

You're right. We should all just use F-Prot or VBA32 and stop being obsessed with new security software. Heck, we should all use flip phones, wear bell bottoms, drive our cars from high school, and game on Commodore Vic 20's.. It's a disease to not be this way.

We should probably focus on positive, beneficial discussion. Not attacking people in the thread and in some cases, others exhibiting an almost uncanny bias. It's rather unbecoming IMO, but I hope the thread doesn't get locked and maybe people can tone it down.
 
Deleted Member 3a5v73x

Thread author
Final Version of the Software. You acknowledge that any Free Software may contain features, functionality or modules that will not be included in the final production version of the Software. Cylance reserves the right to change, modify or discontinue functions or features of the Software in the final production version.

Does this mean that the temporary free promo version is actually a beta?
I think it's a reference to accounts/trials like this USA 2018 election campaign, because the "Buy Now" button doesn't work in those accounts.
 

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
630
You're right. We should all just use F-Prot or VBA32 and stop being obsessed with new security software. Heck, we should all use flip phones, wear bell bottoms, drive our cars from high school, and game on Commodore Vic 20's.. It's a disease to not be this way.

We should probably focus on positive, beneficial discussion. Not attacking people in the thread and in some cases, others exhibiting an almost uncanny bias. It's rather unbecoming IMO, but I hope the thread doesn't get locked and maybe people can tone it down.

I never attacked anyone here. I only expressed my opinion and you made a weird indirect reference to my comment and later you edited your post to something else to cover it up.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I'm kind of confused here. How are two people doing the same test and getting completely different results?
He doesn't have the samples so he couldn't test it. He just assumed after the VM resource is corrected, Cylance would get 100% => which is completely wrong.
Cylance Smart AV doesn't support fileless malware protection (as tests have shown so far, not sure how it will change) so it is impossible for it to get 100%.
 