Cylance Smart Antivirus

  • Thread starter Deleted Member 3a5v73x
Status
Not open for further replies.
509322
I agree. The paranoia is really high and it doesn't need to be. There's so much talk about software and extensions and barely any talk about safe habits and practices because like it or not, they are just as important, if not more important than software/extensions IMO. Every piece of software is going to have pros and cons, nothing is perfect, nor are they going to protect you 100% of the time if you practice unsafe habits. There are tons of great pieces of software/extensions out there to use, pick what you like, learn how they work, practice safe habits and there's a very, very high probability you will be safe.

That's because most people on the forums want to play with security softs and chase the supposed latest and greatest. That's the number one priority.

And within a short period of time the latest and greatest turns out to be same-old, same-old.

It's a never-ending, vicious cycle.
 
509322
I would really like to see the testers' results as well. It appears at least a couple have mentioned their interest in your offer.

Running simple detection tests using Malware Hub samples isn't going to prove anything. It is against advanced attacks where it fails. And testers here don't know how to test at that level.


When I was at Wilders under a different nickname, I think I was the only one using it at the time. It was being sold to home users through Malware Managed. They even had a couple reps there. Now I see they have stopped selling it and are now selling Sentinel One.
But yes, everybody was bashing it there too. ForgottenSeer 58943? Maybe you could get a rep from Cylance to come here and get chased away like Malware Managed was over at Wilders.
Also remember this from 2016? Cylance® Announces $100 Million Series D Funding Round led by Blackstone Tactical Opportunities and Insight Venture Partners

Malware Managed left MT because everyone kept complaining that they couldn't get a 30 day trial. Malware Managed got sick-and-tired of all the whining. Malware Managed didn't leave because the product was terribly bashed.
 
509322
If Cylance is so awesome, then people should put their money where their mouths are. Make their IP addresses publicly available and forward ports from the router and, with just Cylance installed, just watch how well it protects their systems.

It would be really, really... really stupid to do it.
 
ForgottenSeer 58943
Although CylancePROTECT does a pretty good job when it comes to AI based malware detection it can also be levered out: Curtis' Blog: Bypassing Next Gen AV During a Pentest

That post is silly. It reminds me of these Lock Picking Youtube 'exspurts' that claim to be able to pick unpickable locks. Then you watch them fail at it, endlessly. So they pull the lock out of the shroud, rip it apart, examine the key drops, then re-assemble it leaving the shroud off, toss it in a vice, then spend 3 straight days trying to pick it then claim victory under totally unrealistic circumstances that would never be repeated in the real world. You know, the real world where locks are in shrouds, on doors facing a street with unknown key valleys where you can't stand in front of a door for 3 days without attracting attention.

Cylance attracts these kinds of kids because Cylance makes claims, and youtube exspurts want to boast. But it's all really meaningless. At least that guy admitted Cylance is 'tough' and tends to snag their secret sauce magical tools that don't show up on Virustotal.

Running simple detection tests using Malware Hub samples isn't going to prove anything. It is against advanced attacks where it fails. And testers here don't know how to test at that level.

Depending on the advanced attack, every AV or security product might fail. That's not saying much. But for general attacks with unknown malware not on VT, I agree with the exspurt above, it's quite robust at detecting those, as well as detecting things like update channel compromises and modifications of existing malware. If you are worried about advanced attacks then Windows probably isn't a good choice to begin with, regardless of what security you are using.

I'm still waiting for someone to take up my hub offer..
 
ForgottenSeer 58943
If Cylance is so awesome, then people should put their money where their mouths are. Make their IP addresses publicly available and forward ports from the router and, with just Cylance installed, just watch how well it protects their systems.

It would be really, really... really stupid to do it.

What's the point of this? You are essentially asking someone to expose their WAN, then PF everything into an endpoint? I don't care what system you are running, or what security is in place, you are generally going to regret this decision. Did someone make the claim Cylance will protect you on a DMZ? I certainly didn't - our guys owned it on a DMZ because it's pretty well established Cylance doesn't have a firewall, traffic scanning, IPS or sock/port awareness.

That's just silly.
 
509322
That post is silly. It reminds me of these Lock Picking Youtube 'exspurts' that claim to be able to pick unpickable locks. Then you watch them fail at it, endlessly. So they pull the lock out of the shroud, rip it apart, examine the key drops, then re-assemble it leaving the shroud off, toss it in a vice, then spend 3 straight days trying to pick it then claim victory under totally unrealistic circumstances that would never be repeated in the real world. You know, the real world where locks are in shrouds, on doors facing a street with unknown key valleys where you can't stand in front of a door for 3 days without attracting attention.

Cylance attracts these kinds of kids because Cylance makes claims, and youtube exspurts want to boast. But it's all really meaningless. At least that guy admitted Cylance is 'tough' and tends to snag their secret sauce magical tools that don't show up on Virustotal.



Depending on the advanced attack, every AV or security product might fail. That's not saying much. But for general attacks with unknown malware not on VT, I agree with the exspurt above, it's quite robust at detecting those, as well as detecting things like update channel compromises and modifications of existing malware. If you are worried about advanced attacks then Windows probably isn't a good choice to begin with, regardless of what security you are using.

I'm still waiting for someone to take up my hub offer..

Most people here are looking for advanced attack protection. And, unfortunately, falsely believing that they can get it by merely buying and installing a security soft.
 
509322
What's the point of this? You are essentially asking someone to expose their WAN, then PF everything into an endpoint? I don't care what system you are running, or what security is in place, you are generally going to regret this decision. Did someone make the claim Cylance will protect you on a DMZ? I certainly didn't - our guys owned it on a DMZ because it's pretty well established Cylance doesn't have a firewall, traffic scanning, IPS or sock/port awareness.

That's just silly.

It's not silly. It is representative of the "Cylance is so awesome" promotion that will happen here. I know how it was promoted here in the past. And now will be no different.
 
ForgottenSeer 58943
It's not silly. It is representative of the "Cylance is so awesome" promotion that will happen here. I know how it was promoted here in the past. And now will be no different.

Well let's nip this in the bud now.. Cylance ain't going to be a panacea unless you combine it with things. I promise it will disappoint. I double promise it will disappoint. It might ace pack testing though. :p

Cylance is perfectly capable behind an enterprise network with a qualified upper quadrant UTM/NGFW on a managed AD and vlans. In fact, it's probably pretty darn great under those conditions with proper IT management! So given the home edition, which might be shoved behind a crappy D-Link or Tenda router, I'd be pretty cautious and actually wouldn't recommend it. So my recommendation would be - if you want to deploy Cylance in the home - to get a UTM (Fortinet, Untangle, Watchguard, Sonicwall, Sophos XG, etc) or UTM-Like appliance (Gryphon, ASUS w/AiProtect, Netgear w/Bit Defender, etc) before considering this. That way the heavy lifting of traffic scanning, URL filtration, IPS and other fun things will be handled for your endpoints (and Cylance). If not using it under those conditions (UTM/UTM-Like) then you may want to consider Heimdal, Comodo FW, or something else along with it. That's just my opinion.

By god though, drop Cylance behind a Gryphon or Untangle (ZVelo), or if you can swing a Sophos XG or Fortinet and you'll be really really happy with the results, I think.
 
ForgottenSeer 69673
Malware Managed left MT because everyone kept complaining that they couldn't get a 30 day trial. Malware Managed got sick-and-tired of all the whining. Malware Managed didn't leave because the product was terribly bashed.

That's right, but they still had a one month refund.

I have to say, I am not familiar with the new personal Cylance AV because I was using CylancePROTECT and don't know how they compare. As I also mentioned, I don't use it anymore. Also as ForgottenSeer 58943 mentioned, it needs to be paired with a good router and something for web sites such as Heimdal. Next, I don't get my samples from MT hub.
 
ForgottenSeer 72227
That's because most people on the forums want to play with security softs and chase the supposed latest and greatest. That's the number one priority.

And within a short period of time the latest and greatest turns out to be same-old, same-old.

It's a never-ending, vicious cycle.

I too have noticed this since joining. Don't get me wrong, I'm not some old curmudgeon thinking like "back in my day we used to fend off malware with nothing other than a stick and a couple of rocks" (grampa voice :p). I'm not in any way against people trying out new software, but I agree that it seems like every week there's something new, it's going to fix all your problems, meanwhile like you said it eventually ends up being the same old. I think it's why not only myself, but a few others here are trying to get the community to focus a little less on software/extensions and a bit more on education. Also trying to emphasize that regardless of your setup, you still need to practice safe computing habits.
 
ForgottenSeer 69673
Malware Managed left MT because everyone kept complaining that they couldn't get a 30 day trial. Malware Managed got sick-and-tired of all the whining. Malware Managed didn't leave because the product was terribly bashed.

They don't even offer CylancePROTECT any longer, they offer Sentinel One. If you look at VT, Sentinel One catches pretty much the same stuff as Cylance. I don't see anyone here bashing or promoting Sentinel One here.
 
509322
That's right, but they still had a one month refund.

I have to say, I am not familiar with the new personal Cylance AV because I was using CylancePROTECT and don't know how they compare. As I also mentioned, I don't use it anymore. Also as ForgottenSeer 58943 mentioned, it needs to be paired with a good router and something for web sites such as Heimdal. Next, I don't get my samples from MT hub.

I've had a Cylance Enterprise license. So I am familiar with it.

They don't even offer CylancePROTECT any longer, they offer Sentinel One. If you look at VT, Sentinel One catches pretty much the same stuff as Cylance. I don't see anyone here bashing or promoting Sentinel One here.

Malware Managed was sold... and the new owners ended up not wanting Cylance.

Sentinel One doesn't get promoted here because people here can't get their hands on it. If they did, Sentinel One would be the next great thing on MT.
 
ForgottenSeer 69673
Malware Managed was sold... and the new owners ended up not wanting Cylance.

Yes they knew Cylance was going to create their own personal version and would not need them anymore. May I ask a question? Why did you have a Cylance Enterprise license? Was it on AppGuard's servers?
 
509322
I too have noticed this since joining. Don't get me wrong, I'm not some old curmudgeon thinking like "back in my day we used to fend off malware with nothing other than a stick and a couple of rocks" (grampa voice :p). I'm not in any way against people trying out new software, but I agree that it seems like every week there's something new, it's going to fix all your problems, meanwhile like you said it eventually ends up being the same old. I think it's why not only myself, but a few others here are trying to get the community to focus a little less on software/extensions and a bit more on education. Also trying to emphasize that regardless of your setup, you still need to practice safe computing habits.

Typical forum members don't want to learn. Their priority is to collect and play with security softs... because they think the next security soft will be the greatest thing since money was first minted. The next security soft will have less bugs, it will be more convenient, it will have less annoyances, it will be the answer to all their wants and needs.

It's all about "What's the best AV ?"
 
509322
Yes they knew Cylance was going to create their own personal version and would not need them anymore. May I ask a question? Why did you have a Cylance Enterprise license? Was it on AppGuard's servers?

I bet the reason MalwareManaged was sold is much more simple... they weren't making money and/or the previous owner didn't want to deal with the rigmarole (hassle).

I bought it to evaluate it via industry connections. And then promptly ditched it before the 30 days were up.
 
ForgottenSeer 72227
Typical forum members don't want to learn. Their priority is to collect and play with security softs... because they think the next security soft will be the greatest thing since money was first minted. The next security soft will have less bugs, it will be more convenient, it will have less annoyances, it will be the answer to all their wants and needs.

It's all about "What's the best AV ?"

It's sad, but true!
 
ForgottenSeer 69673
Some people get bored and like to test different products in a VM. It is like an addiction. Maybe they should open an AA for bored testers here?
If you look at my original nickname at Wilders, it shows I started in 2002, but I remember going there in the late 90's on dialup, so I am not new to this by any means. But have basically used computers since 1985. Not counting the Sinclair 1000 I had in the early 80's.
 
ForgottenSeer 69673
OFF TOPIC just for a second and I won this and did not pay 99 bucks for it. WOW!!!!! 1 to 2 k of RAM.

"
Timex Sinclair 1000
The Timex Sinclair 1000 was the first computer produced by Timex Sinclair, a joint venture between Timex Corporation and Sinclair Research. It was launched in July 1982, with a US sales price of US$99.95, making it the cheapest home computer at the time; it was advertised as "the first computer under $100". The computer was aimed at regular home users. Unlike earlier computers aimed at home users, the TS1000 was not a kit which had to be soldered and assembled. As purchased, the TS1000 was fully assembled and ready to be plugged into the users' home TV. The TS1000 was a slightly-modified version of the Sinclair ZX81 with an NTSC RF modulator, designed for use with North American TVs, instead of the UK PAL RF modulator which was used for units sold in Portugal. The TS1000 doubled the onboard RAM from 1 KB to 2 KB. The TS1000's casing had slightly more internal shielding but remained the same as Sinclair's, including the membrane keyboard. It had black-and-white graphics and no sound. It was followed by an improved version, the Timex Sinclair 1500 which had substantially more RAM and a lower price. However, the TS1500 did not achieve market success, given that the marketplace was by this time dominated by Commodore, RadioShack, Atari and Apple. "
 
509322
It is sad but true that we are discussing many antivirus solutions, but the included MS Defender is sufficient. But then there are people who ignore updates, download everything and ignore warnings like UAC. Then it's always Microsoft's fault.

No matter what happens on a system using any OS or soft, it is always the user's fault. Read the EULA.

Microsoft created the monster that is Windows. Microsoft is the one who made Windows what it is. Therefore, it is responsible for the current pathetic state of affairs. The only way to change that is for users to stop using Windows. Only then will Microsoft take notice and really change things.
 