Cylance Smart Antivirus

  • Thread starter Deleted Member 3a5v73x
Status
Not open for further replies.

Kuttz

not really, syshardener will block scripts but has zero effect on .exe malwares. If the AV doesn't have good BB, exe malwares can infect easily
OSArmor tweaked can block exe malwares but it has to be set to block unsigned apps => FPs

When you test malwares in the hub you often club Syshardener or OSArmor along with the Anti Virus you test. By pairing those tools one cannot know the true capability of the anti virus you test. Both those tools considerably reduce the chance of the system getting infected, defeating the purpose of testing the Anti Virus completely. I have often seen in your tests when all other anti-virus systems are compromised except your Avast! Free + Syshardener test status as "Protected" :D My opinion is to test Anti Viruses alone, but one can use tweaked settings of the Anti Virus if it delivers more protection.
 

cruelsister

Rant Begins

Just a few things:

Just a few weeks ago, the argument was that Cylance is a scion of the CIA. But now it is awesome

1). The US Government budgets about 1 billion USD to funding Security and hardware startups. Japan alone budgets over 100 billion USD for the same purpose, and God alone knows how much China allocates through their various entities. In short, if anyone states that because of some minuscule CIA investment a company is a Government pawn please slap them for me. We have to get together to stop ignorance.

2). Although I love the guys testing in the malware thingy, please understand that by the time these tests are actually done the malware is at least D+1 or older, and everyone and their Mommy should detect them by then. A true test of ability is when malware are true Zero-Day and/or freshly coded. Anyone that attended the "Unbelievable Tour" knows how C did against these things.

3). A product may be artificially intelligent, but one must ask exactly what the IQ is.

Rant Ends
 
illumination

2). Although I love the guys testing in the malware thingy, please understand that by the time these tests are actually done the malware is at least D+1 or older, and everyone and their Mommy should detect them by then. A true test of ability is when malware are true Zero-Day and/or freshly coded.
Malware thingy...lol...that is...adorable.

You are 100% correct, while low detection the malware gathered is still upon the radar already having been uploaded to the sites it is pulled from.

This leads me to once again point out that all those youtubers claiming to be using fresh samples less than 24 hours old etc. are delusional, as they pull from all these same sites. As you have stated before, they have to be running honeypots or morphing the samples themselves to be gathering the kind of samples needed for complete accuracy of testing...

Have a good evening CS
 

Evjl's Rain

When you test malwares in the hub you often club Syshardener or OSArmor along with the Anti Virus you test. By pairing those tools one cannot know the true capability of the anti virus you test. Both those tools considerably reduce the chance of the system getting infected, defeating the purpose of testing the Anti Virus completely. I have often seen in your tests when all other anti-virus systems are compromised except your Avast! Free + Syshardener test status as "Protected" :D My opinion is to test Anti Viruses alone, but one can use tweaked settings of the Anti Virus if it delivers more protection.
I know but I test avast+SH because I believe they are the best free combo for complete novice users without having to use a complicated anti-exe
even kaspersky+SH with the same settings would fail in 1 or 2 tests but not for avast+SH as I described how they work: avast's hardened mode blocks all exe malwares, SH blocks all scripts => 100%
avast might not be the best AV, I tested it with tweaked settings alone and everyone knows it's nowhere near kaspersky free

SH completely patches avast's weakness against scriptors
I test them for my own purpose

I always test some products with tweaked settings, for example, WD with max settings because people usually say "WD with tweaked is enough, better than third-party AVs". I'm here to answer that question because not everyone is willing to do that

I will test WD in default settings + smartscreen to demonstrate how weak they are and where the weaknesses are
 
Nestor

I know but I test avast+SH because I believe they are the best free combo for complete novice users without having to use a complicated anti-exe
even kaspersky+SH with the same settings would fail in 1 or 2 tests but not for avast+SH as I described how they work: avast's hardened mode blocks all exe malwares, SH blocks all scripts => 100%
avast might not be the best AV, I tested it with tweaked settings alone and everyone knows it's nowhere near kaspersky free

SH completely patches avast's weakness against scriptors
I test them for my own purpose

I always test some products with tweaked settings, for example, WD with max settings because people usually say "WD with tweaked is enough, better than third-party AVs". I'm here to answer that question because not everyone is willing to do that

I will test WD in default settings + smartscreen to demonstrate how weak they are and where the weaknesses are
Evjl's Rain, based on your experience, is Avast+SH more effective than Forticlient+SH as a combination?
 

silversurfer

2). Although I love the guys testing in the malware thingy, please understand that by the time these tests are actually done the malware is at least D+1 or older, and everyone and their Mommy should detect them by then. A true test of ability is when malware are true Zero-Day and/or freshly coded. Anyone that attended the "Unbelievable Tour" knows how C did against these things.

Some of the testers are usually testing within a few hours after the samples are available to download, so these tests should be more comparable to each other. The tests are done for the average user, all experts don't care, but it might be beneficial for some members here...
 
509322

3). A product may be artificially intelligent, but one must ask exactly what the IQ is.

People I have talked to at CMU don't consider it Ai. They more or less think it is a marketing thingy. And that position is not limited to only Cylance. A lot of the Ai claims made everywhere take it all the way to the very edge of what can technically be considered Ai by those who develop Ai. Stating that a coffee maker has artificial intelligence because it can remember your drink of choice and you can get it to make you a cup of coffee all by itself by sending it a text message just doesn't make it real Ai. It's a marketing gimmick. It's more akin to a cheesy 1890s parlor trick. It's taking what has been around for a long time and slapping "Next Gen" on it like it is something new.
 
Deleted Member 3a5v73x

People I have talked to at CMU don't consider it Ai. They more or less think it is a marketing thingy. And that position is not limited to only Cylance. A lot of the Ai claims made everywhere take it all the way to the very edge of what can technically be considered Ai by those who develop Ai. Stating that a coffee maker has artificial intelligence because it can remember your drink of choice and you can get it to make you a cup of coffee all by itself by sending it a text message just doesn't make it real Ai. It's a marketing gimmick. It's more akin to a cheesy 1890s parlor trick. It's taking what has been around for a long time and slapping "Next Gen" on it like it is something new.
So, according to you, Cylance isn't an AI security software? What is it then? The same first-made bicycle just in a different color?
 
Deleted Member 3a5v73x

I am not the one saying it. But I do agree, "Next Gen" is a marketing gimmick.
So a bicycle isn't "Next Gen" when it started to be made with an aluminum frame? At what point in security software development can product X be called "Next Gen"? Cylance utilizing mathematics to stop malware isn't a "Next Gen" approach?
 
509322

So a bicycle isn't "Next Gen" when it started to be made with an aluminum frame? At what point in security software development can product X be called "Next Gen"? Cylance utilizing mathematics to stop malware isn't a "Next Gen" approach?

OK... with that line of reasoning, a steel toothpick is "Next Gen" because it is a new and improved version of the wooden toothpick. It makes Windows Security Essentials "Next Gen" because it was an evolution on what came before it.

The use of mathematics as part of the effort to fight the malware problem is nothing new. Heuristics uses mathematics (more precisely a sub-set of statistical analysis - and there have been very advanced statistical approaches such as stochastic analysis which is the level at which we would probably find Cylance) and heuristics has been used in various capacities in security softs for a long, long time. Like I've said repeatedly.... repacking what is old and giving it a snazzy name to make it seem like it is something new. And average Joes that don't know any better think it is in the same class as alien technology and Area 51.

As for the other stuff posted earlier, I am just repeating the argument made by others here. Others who are in a cutting-edge, academic position to formulate a position on what is and is not Ai.
 

Nightwalker

So a bicycle isn't "Next Gen" when it started to be made with an aluminum frame? At what point in security software development can product X be called "Next Gen"? Cylance utilizing mathematics to stop malware isn't a "Next Gen" approach?

"Traditional" antivirus solutions do that too (since many years ago) and nowadays we have YARA rules, machine learning/neural networks combined with advanced emulation/sandbox.
 
509322

1). The US Government budgets about 1 billion USD to funding Security and hardware startups. Japan alone budgets over 100 billion USD for the same purpose, and God alone knows how much China allocates through their various entities. In short, if anyone states that because of some minuscule CIA investment a company is a Government pawn please slap them for me. We have to get together to stop ignorance.

AppGuard INC has various ex-CIA officers and executives on its board as well as others in the company with prior government experience. Furthermore, the government uses or has used our product. And the only conspiracy theory-backdooring-data harvesting-spying ballyhoo that is ever made about it comes from individuals here at MT and over at Wilders.
 
Deleted Member 3a5v73x

And average Joes that don't know any better think it is in the same class as alien technology and Area 51.
Right, now I know who am I believing that a more advanced race exists other than humans and hoping that AI might help in the future computing/technology environment. Dumbass government who uselessly wastes 30% of my salary in taxes to use Cylance on their systems. Riot soon in my country, see you in the news. :emoji_ok_hand:
 
509322

Right, now I know who am I believing that a more advanced race exists other than humans and hoping that AI might help in the future computing/technology environment. Dumbass government who uselessly wastes 30% of my salary in taxes to use Cylance on their systems. Riot soon in my country, see you in the news. :emoji_ok_hand:

Let's say Ai progresses to a very high level within the security soft industry. The bad news (there is always a realist side to things) is:

Malc0ders and other malicious actors are just going to turn Ai against the industry and to their great advantage. Just like they have done with just about everything else. Not all malc0ders and malicious actors are poor and unsophisticated... scraping by on the Dark Web. Some have considerable assets such that they can leverage Ai. In fact, they have more than likely been exploring or using Ai\ML for years.

Things change within the security soft industry, but the cat-and-mouse struggle between the malc0ders and the security soft industry has remained consistently the same for decades. And the malicious actors have always come out on top against default-allow solutions.
 
Deleted Member 3a5v73x

Things change within the security soft industry, but the cat-and-mouse struggle between the malc0ders and the security soft industry have remained consistently the same for decades. And the malicious actors have always come out on-top against default-allow solutions.
Yes, and default-deny e.g. AppGuard is the solution where the user needs to lower its protection mode to Install and be certain that before installing/running an .exe it is safe with other tools, or else you'll get infected and obviously it's the user's fault. For business users it's best where IT installs programs for you, configures them and locks down employees' PCs. As a low technical skill cap home ape, I'd rather watch and follow development of new default-allow security software made and more advanced Alien Ai. (y)
 
509322

Yes, and default-deny e.g. AppGuard is the solution where the user needs to lower its protection mode to Install and be certain that before installing/running an .exe it is safe with other tools, or else you'll get infected and obviously it's the user's fault. For business users it's best where IT installs programs for you, configures them and locks down employees' PCs. As a low technical skill cap home ape, I'd rather watch and follow development of new default-allow security modules made and more advanced Alien Ai. (y)

The issue you raise here is not one of default-allow versus default-deny.

The software is unimportant. There is no substitute for user knowledge and experience - no matter what the security soft.

What is the user who doesn't know any better to do when their default-allow or default-deny solution does nothing while malware is running on the system but there are signs that most any user can see that something is wrong? If they don't know then there isn't much that anyone can do for them.

And it is always the user's fault - whether it is default-allow or default-deny.

The solution is not to buy security softs x, y and z and then slap them onto a system.

The only solution is for people to be less dependent upon security softs (still use them, but at least have basic skills). That is the better solution for society, but since educating people who don't want to learn, who want a soft to tell them what to do is an impossible task, there isn't much that the industry can do - despite its best efforts.

Not to mention people are disappointed and keep complaining that their default-allow AV can be or was bypassed. Bypasses are never going to go away. No matter what the technology.

If users "want to use stuff," then they get what they get. Between Windows and users, those are the two predominant reasons why the malware problem is in the current state that we find it.
 