Serious Discussion Deep Instinct | Deep Learning AI Cybersecurity Platform

[HarborFront]

DI uses its awesome prevention-first approach to detect and block ransomware.

However, no AV/AM is 100% full proof against ransomware (or against other malware). As such does it comes with a files/system/partition/disk rollback (remediation) feature or you need a separate backup and restore tool in the case of any eventuality?

DI vs Bitdefender/Kaspersky/Norton in malware protection. Who is better?

 

[likeastar20]

DI uses its awesome prevention-first approach to detect and block ransomware.

However, no AV/AM is 100% full proof against ransomware (or against other malware). As such does it comes with a files/system/partition/disk rollback (remediation) feature or you need a separate backup and restore tool in the case of any eventuality?

DI vs Bitdefender/Kaspersky/Norton in malware protection. Who is better?

Whatever you can get cheaper

 

[Kongo]

DI uses its awesome prevention-first approach to detect and block ransomware.

However, no AV/AM is 100% full proof against ransomware (or against other malware). As such does it comes with a files/system/partition/disk rollback (remediation) feature or you need a separate backup and restore tool in the case of any eventuality?

DI vs Bitdefender/Kaspersky/Norton in malware protection. Who is better?

I kind of agree with @likeastar20
All of them offer strong malware protection and it's probably not worth paying the extra charge of Deep Instinct as long as you are not just using it to play around with it. For me it's the perfect solution as it's stable, snappy and light on my system that I mainly use for gaming.

 

[simmerskool]

I kind of agree with @likeastar20
All of them offer strong malware protection and it's probably not worth paying the extra charge of Deep Instinct as long as you are not just using it to play around with it. For me it's the perfect solution as it's stable, snappy and light on my system that I mainly use for gaming.

I kinda agree with @Kongo (fwiw) . Once Di has seen the files on your computer, it is snappy and light. In my experience with Di, and not going into specifics at this time, Di does not play well with other layer solutions except for MS Defender features available like SmartScreen... I use Macrium for backups, but I understood @HarborFront was referring to ransomware remediation, and not to regular system backups.

 

[Kongo]

I kinda agree with @Kongo (fwiw) . Once Di has seen the files on your computer, it is snappy and light. In my experience with Di, and not going into specifics at this time, Di does not play well with other layer solutions except for MS Defender features available like SmartScreen... I use Macrium for backups, but I understood @HarborFront was referring to ransomware remediation, and not to regular system backups.

I mean what kind of other security solutions do you want to combine it with? I think Deep Instinct offers strong protection and doesn't require VoodooShield, Malwarebytes or any other 2nd layer of defence. I personally use it with the Windows built in security features only and hardened the Windows Firewall with @Andy Ful Firewall Hardening. Deep Instinct has a very high detection rate when it comes to PE files, it can block all kinds of malicious scripts, and the Firewall Hardening takes care of potential malicious outbound connections through LOLBins. Absolutely no need for any more security layers.

 

[simmerskool]

I mean what kind of other security solutions do you want to combine it with? I think Deep Instinct offers strong protection and doesn't require VoodooShield, Malwarebytes or any other 2nd layer of defence. I personally use it with the Windows built in security features only and hardened the Windows Firewall with @Andy Ful Firewall Hardening. Deep Instinct has a very high detection rate when it comes to PE files, it can block all kinds of malicious scripts, and the Firewall Hardening takes care of potential malicious outbound connections through LOLBins. Absolutely no need for any more security layers.

good info, thanks. sending you a PM.

 

[HarborFront]

I mean what kind of other security solutions do you want to combine it with? I think Deep Instinct offers strong protection and doesn't require VoodooShield, Malwarebytes or any other 2nd layer of defence. I personally use it with the Windows built in security features only and hardened the Windows Firewall with @Andy Ful Firewall Hardening. Deep Instinct has a very high detection rate when it comes to PE files, it can block all kinds of malicious scripts, and the Firewall Hardening takes care of potential malicious outbound connections through LOLBins. Absolutely no need for any more security layers.

Any lab comparison tests of DI vs Bitdefender/Kaspersky/Norton?

How about its false positives?

Since you are using DI can check whether its UI has files rollback feature for ransomware?

Your quote

it can block all kinds of malicious script

Unquote

Don't use the word 'all'. No AV/AM is 100% full proof against malware not even if it has deep AI, ML, BB, heuristics, signature and what not.

From the discussions DI seems

1) To lack an integrated HIPS and firewall
2) No web protection.
3) What non-mainstream browsers does it support? Ungoogled Chromium, Librewolf, Mullvad browser, Brave, Mull, Kiwi etc
4) Does it comes with different types of scans?
5) How about its protection for UEFI and against rootkits/bootkits?
6) Does it scan external USB flash drive/hdd upon insertion?
7) Does it have a whitelisting/application control feature?

I'm comparing DI generally with top-notch AV/AM like Bitdefender, Kaspersky, Norton, ESET etc.

I maybe wrong. Correct me if I'm wrong

 

[simmerskool]

Any lab comparison tests of DI vs Bitdefender/Kaspersky/Norton?

How about its false positives?

Since you are using DI can check whether its UI has files rollback feature for ransomware?

Your quote

it can block all kinds of malicious script

Unquote

Don't use the word 'all'. No AV/AM is 100% full proof against malware not even if it has deep AI, ML, BB, heuristics, signature and what not.

From the discussions DI seems

1) To lack an integrated HIPS and firewall
2) No web protection.
3) What non-mainstream browsers does it support? Ungoogled Chromium, Librewolf, Mullvad browser, Brave, Mull, Kiwi etc
4) Does it comes with different types of scans?
5) How about its protection for UEFI and against rootkits/bootkits?
6) Does it scan external USB flash drive/hdd upon insertion?
7) Does it have a whitelisting/application control feature?

I'm comparing DI generally with top-notch AV/AM like Bitdefender, Kaspersky, Norton, ESET etc.

I maybe wrong. Correct me if I'm wrong

Technically, I'm not the best Di user to go into specifics. I continue to like Di, it seems very capable. At +26 days running on my win10, it had one event that it considered suspicious enough to block based on its behavioral analysis, which could be classified as a false+, but understandable as it blocked a specialty app not widely used, and what is likeable is that its management console provided a lot of info about that event, and ability to create a very narrow exception that allowed that app run while not lowering Di's overall protection. Also the reseller gave me timely & helpful support via email.

 

[HarborFront]

Nobody doing malware test of DI here?

 

[Kongo]

Your quote

it can block all kinds of malicious script

Unquote

Don't use the word 'all'. No AV/AM is 100% full proof against malware not even if it has deep AI, ML, BB, heuristics, signature and what not.

I didn't say that it blocks every malware that you throw at it. I said it blocks all kinds of scripts if configured that way.

Now to your questions:

1. No it doesn't offer a firewall or HIPS
2. No web-protection either
3. What do you mean by support?
4. Only an initial full scan. After that every action performed on the system is monitored and indicated in the UI
5. Can't answer that as it's not idicated in the web-portal

Here the security policies for you:

Spoiler: Policies

 

[Kongo]

Nobody doing malware test of DI here?

There is a "search" function on MalwareTips so that you can easily find whatever you need

Product Review - DeepInstinct Endpoint Security 2023

DeepInstinct is an enterprise antivirus based on AI Machine Learning. DeepInstinct offers an agent with little information, everything is managed from the Dashboard of the software. The configuration is very complete, but let's see how it does. Note that it can be found at HP in OEM under the...

malwaretips.com

 

[Trident]

Nobody doing malware test of DI here?

I personally use Deep Instinct on businesses machines that I manage. These machines are not a playground and it is beyond unthinkable to start downloading malware. I tested it before on a home computer and it was OK in terms of many factors, malware detection being just one of them.

it can block all kinds of malicious script

It blocks all kinda of scripts, not just malicious scripts. It blocks script interpreters from running, for example, you will be unable to open PowerShell if you try.

To lack an integrated HIPS and firewall
2) No web protection.
3) What non-mainstream browsers does it support? Ungoogled Chromium, Librewolf, Mullvad browser, Brave, Mull, Kiwi etc

Nobody uses HIPS on business, there is no way an admin will be sitting all day answering prompts like “Do you allow the application googleupdate.exe to inject code in chrome.exe?”. This is what home users can do if they feel like it. Though tbh HIPS are vanishing in home solutions as well, because they are useless.
There is no Web Protection, this is a prevention solution for business that is supposed to be layered with a host of other technology, best used with a secure gateway that will provide the web filtering.
I know on MalwareTips it is extremely loved by many to install and layer 10 guys doing the same, but on business environments we have better things to do.
Due to the lack of web filtering, there is no browser support and these Ungoogled browsers are not used by any business around the world. If we wanna block Google telemetry, we don’t need a whole browser for that.

5) How about its protection for UEFI and against rootkits/bootkits?
6) Does it scan external USB flash drive/hdd upon insertion?
7) Does it have a whitelisting/application control feature?

Bootkits will be detected prior to their activation which is the main point of preventive solution. Once bootkits are activated, neither Deep Instinct, nor God will help you get your PC clean.
It does scan USB flash drives if you configure it to do so. It is also not extremely difficult to scan it manually.
There is no whitelisting/application control as this is not a reputation-based solution but a static analysis one. It was mentioned in this discussion already that the offline protection is what made DI desirable in the first place. For reputation/whitelisting, have a look at Norton.

 

[HarborFront]

I didn't say that it blocks every malware that you throw at it. I said it blocks all kinds of scripts if configured that way.

Now to your questions:

1. No it doesn't offer a firewall or HIPS
2. No web-protection either
3. What do you mean by support?
4. Only an initial full scan. After that every action performed on the system is monitored and indicated in the UI
5. Can't answer that as it's not idicated in the web-portal

Here the security policies for you:

Spoiler: Policies

View attachment 276093
View attachment 276094

View attachment 276095

View attachment 276096

3. What do you mean by support?

I meant any limitation on the browsers it can/cannot work with like those non-mainstream browsers

From the UI I can see that there's no support for encrypted files rollback if it gets hit by a ransomware

 

[HarborFront]

I personally use Deep Instinct on businesses machines that I manage. These machines are not a playground and it is beyond unthinkable to start downloading malware. I tested it before on a home computer and it was OK in terms of many factors, malware detection being just one of them.

It blocks all kinda of scripts, not just malicious scripts. It blocks script interpreters from running, for example, you will be unable to open PowerShell if you try.

Nobody uses HIPS on business, there is no way an admin will be sitting all day answering prompts like “Do you allow the application googleupdate.exe to inject code in chrome.exe?”. This is what home users can do if they feel like it. Though tbh HIPS are vanishing in home solutions as well, because they are useless.
There is no Web Protection, this is a prevention solution for business that is supposed to be layered with a host of other technology, best used with a secure gateway that will provide the web filtering.
I know on MalwareTips it is extremely loved by many to install and layer 10 guys doing the same, but on business environments we have better things to do.
Due to the lack of web filtering, there is no browser support and these Ungoogled browsers are not used by any business around the world. If we wanna block Google telemetry, we don’t need a whole browser for that.

Bootkits will be detected prior to their activation which is the main point of preventive solution. Once bootkits are activated, neither Deep Instinct, nor God will help you get your PC clean.
It does scan USB flash drives if you configure it to do so. It is also not extremely difficult to scan it manually.
There is no whitelisting/application control as this is not a reputation-based solution but a static analysis one. It was mentioned in this discussion already that the offline protection is what made DI desirable in the first place. For reputation/whitelisting, have a look at Norton.

I'm thinking of it for home use. Top-notch AV/AM like BD, Kaspersky, Norton, ESET etc do have those AI/ML/BB/signature etc and, in addition, has other features like intelligent firewall, privacy monitoring, web filtering etc

Seems to me now that DI lacks many other features.

 

[Kongo]

I'm thinking of it for home use. Top-notch AV/AM like BD, Kaspersky, Norton, ESET etc do have those AI/ML/BB/signature etc and, in addition, has other features like intelligent firewall, privacy monitoring, web filtering etc

Seems to me now that DI lacks many other features.

You can't really compare Deep Instinct that pretty much completely relies on it's AI with for example ESET that is still relying heavily on their signatures. Both have their advantages, but for me personally Deep Instinct is the easier and more simplistic solution.

 

[simmerskool]

Nobody doing malware test of DI here?

I thought Shadowra did one a little while ago, but without looking could be my imagination.

 

[simmerskool]

I didn't say that it blocks every malware that you throw at it. I said it blocks all kinds of scripts if configured that way.

Now to your questions:

1. No it doesn't offer a firewall or HIPS
2. No web-protection either

I can assure you Di blocks internet traffic that it does not like... both in and outbound.

 

[simmerskool]

You can't really compare Deep Instinct that pretty much completely relies on it's AI with for example ESET that is still relying heavily on their signatures.

I agree with this statement having run Di +28 days on my physical win10, I would say Di does more with less, seems to monitor everything but you don't feel it. For me, Di is a nice experience.

 

[Kongo]

I can assure you Di blocks internet traffic that it does not like... both in and outbound.

Example:

 

[Shadowra]

Nobody doing malware test of DI here?

Me

App Review - DeepInstinct Endpoint Security 2023

DeepInstinct is an enterprise antivirus based on AI Machine Learning. DeepInstinct offers an agent with little information, everything is managed from the Dashboard of the software. The configuration is very complete, but let's see how it does. Note that it can be found at HP in OEM under the...

malwaretips.com