Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Cylance - Targeted and Bypassed
Message
<blockquote data-quote="Burrito" data-source="post: 825067" data-attributes="member: 72439"><p>[ATTACH=full]217076[/ATTACH]</p><p></p><p>[URL unfurl="true"]https://www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware[/URL]</p><p></p><p>Cylance developed a great machine-learning (ML) algorithm. It's proven to be very effective against malware, particularly 0-day malware. </p><p></p><p>But... I've said multiple times... once Cylance gets big enough that malware developers start targeting it specifically -- then it's like all other AVs. Malware developers can just keep on tweaking until they figure out how to bypass. Although, it is harder to 'tweak to bypass' ML software. You could tweak thousands of times and get nowhere, whereas with signature based products, there are more efficient ways to pack or obfuscate code until you can make it work.</p><p></p><p>Cylance is big enough now. Cylance has grown super rapidly in market share. They may pass Kaspersky in market size soon. </p><p></p><p>[ATTACH=full]217075[/ATTACH]</p><p></p><p>I've also stated that Cylance should be run as a 'module' -- as part of a larger defense strategy. </p><p></p><p>There is a benefit to 'security by obscurity.' If your product is not targeted by malware developers --- obviously that is to your advantage.</p><p></p><p>It's still a great product -- as part of a layered approach.</p><p></p><p>And the Cylance guys need to dive into the code and get this fixed.</p><p></p><p>[ATTACH=full]217077[/ATTACH]</p></blockquote><p></p>
[QUOTE="Burrito, post: 825067, member: 72439"] [ATTACH type="full"]217076[/ATTACH] [URL unfurl="true"]https://www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware[/URL] Cylance developed a great machine-learning (ML) algorithm. It's proven to be very effective against malware, particularly 0-day malware. But... I've said multiple times... once Cylance gets big enough that malware developers start targeting it specifically -- then it's like all other AVs. Malware developers can just keep on tweaking until they figure out how to bypass. Although, it is harder to 'tweak to bypass' ML software. You could tweak thousands of times and get nowhere, whereas with signature based products, there are more efficient ways to pack or obfuscate code until you can make it work. Cylance is big enough now. Cylance has grown super rapidly in market share. They may pass Kaspersky in market size soon. [ATTACH type="full" width="400px"]217075[/ATTACH] I've also stated that Cylance should be run as a 'module' -- as part of a larger defense strategy. There is a benefit to 'security by obscurity.' If your product is not targeted by malware developers --- obviously that is to your advantage. It's still a great product -- as part of a layered approach. And the Cylance guys need to dive into the code and get this fixed. [ATTACH type="full" width="145px"]217077[/ATTACH] [/QUOTE]
Insert quotes…
Verification
Post reply
Top