Serious Discussion Deep Instinct | Deep Learning AI Cybersecurity Platform

Xeno1234

Xeno1234

Level 14
Jun 12, 2023
684
Brain.exe said:
Deep instinct constantly beats or equals top-level performers such as harmony. and it isnt even a full antivirus.. just ngav. And it has the best script blocking in ANY ngav ive seen.
Click to expand...
I like CheckPoint Harmony more. DI false positived 10+ times on my system, Harmony has only False Positived once. However, due to DI's aggressiveness, you can probably configure it to block basically all malware.
 
  • Like
Reactions: Dave Russo
Xeno1234

Xeno1234

Level 14
Jun 12, 2023
684
Trident said:
And with Check Point Application Control this time so they are equal with DI maxed.
Click to expand...
I'd say there on a equal level already. DI will flag more things and detect more if maxed, but it will FP TONS. CheckPoint also has Phishing Protection and Threat Emulation, DI does not.
 
  • Like
Reactions: Dave Russo
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Xeno1234 said:
I'd say there on a equal level already. DI will flag more things and detect more if maxed, but it will FP TONS. CheckPoint also has Phishing Protection and Threat Emulation, DI does not.
Click to expand...
Fair call that it doesn't offer phishing protection which definitely is a downside, but idc that it doesn't have fancy features like Threat Emulation as long as the malware is blocked. Would love to try CheckPoint too one day, but I will stick with Deep Instinct as it's just running so smoothly for me.
 
  • Hundred Points
Reactions: simmerskool
simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,599
Xeno1234 said:
I'd say there on a equal level already. DI will flag more things and detect more if maxed, but it will FP TONS. CheckPoint also has Phishing Protection and Threat Emulation, DI does not.
Click to expand...
I must have (or maintain) a really clean system :unsure::whistle:as I had one false+ on win10 with DeepInstinct in +164 days. And that Di block was understood after the fact and reasonable imo. Di is running on my Host and Checkpoint Harmony on the Guest VM I run 98.5% of the time.
 
  • Like
Reactions: Trident
simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,599
Brain.exe said:
SO rn im using deepinstinct alone with no secure dns. I will use quad9 ,but for some reason links from openphish never get blocked by it.. like 1 will
And i want to use a firewall which one?
Click to expand...
fwiw, I'd stick with windows firewall, perhaps with one of Andy Ful's tools to harden the firewall...
 
  • Like
Reactions: Kongo
simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,599
Brain.exe said:
checkpoint has a bit more technologies including signatures, comes at the cost of performance since it made my system so slow after
Click to expand...
fwiw, I run Checkpoint in VMware win10 Guest and only time I see any slowdown is when it is analyzing a downloading file in its cloud in real time and I am more than ok with that.
 
  • Like
Reactions: Trident
Xeno1234

Xeno1234

Level 14
Jun 12, 2023
684
Brain.exe said:
ive used S1, elastic, checkpoint, kaspersky, bitdefender gravityzone, apex one, cortex xdr. and malwarebytes edr. Only harmony or cortex can compare


yeah true, theres no phishing or quarantine in the UI, it is very simple
Click to expand...
Does Cortex have a free trial? It looks interesting.
 
Shadowra

Shadowra

Level 36
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,586
Hello :)

As a DeepInstinct user, I'm here to give you my full opinion. It was installed on 2 PCs (now 1).

Installation :

Installation is very simple. You give the console server, the token and it installs.

Protection:

This is a strong point and a weak point....
In terms of protection, DeepInstinct is for me the best. Having it on my crash-test PC, DeepInstinct always detected and blocked the threats I submitted to it. When some of them tried to install themselves, Deep blocked them in the AppData, and the PC was always clean.
But, on my personal PC, Deep also annoyed me... And here's the kicker:

False positives! I had several.
Mostly on games (Star Citizen, Genshin Impact, Fortnite, Overwatch 2, Valorant, XDefiant) .
DeepInstinct detected Star Citizen, Genshin Impact, XDefiant and Fortnite as Trojan.... wtf?
The others were detected via the behavioral module...

When I got fed up with it, during the Filmora update, it destroyed several configuration files because the AI detected them as PUPs! Had to uninstall / reinstall Filmora with complete reconfiguration....

On my personal PC, I ended up uninstalling it and reverting to my previous antivirus. But I keep it on my crash-test PC because that's where I have fun with malware.
 
  • +Reputation
  • Like
  • Hundred Points
Reactions: Jonny Quest, Gandalf_The_Grey, roger_m and 2 others
Xeno1234

Xeno1234

Level 14
Jun 12, 2023
684
Shadowra said:
Hello :)

As a DeepInstinct user, I'm here to give you my full opinion. It was installed on 2 PCs (now 1).

Installation :

Installation is very simple. You give the console server, the token and it installs.

Protection:

This is a strong point and a weak point....
In terms of protection, DeepInstinct is for me the best. Having it on my crash-test PC, DeepInstinct always detected and blocked the threats I submitted to it. When some of them tried to install themselves, Deep blocked them in the AppData, and the PC was always clean.
But, on my personal PC, Deep also annoyed me... And here's the kicker:

False positives! I had several.
Mostly on games (Star Citizen, Genshin Impact, Fortnite, Overwatch 2, Valorant, XDefiant) .
DeepInstinct detected Star Citizen, Genshin Impact, XDefiant and Fortnite as Trojan.... wtf?
The others were detected via the behavioral module...

When I got fed up with it, during the Filmora update, it destroyed several configuration files because the AI detected them as PUPs! Had to uninstall / reinstall Filmora with complete reconfiguration....

On my personal PC, I ended up uninstalling it and reverting to my previous antivirus. But I keep it on my crash-test PC because that's where I have fun with malware.
Click to expand...
For me, as a person who uses my own PC basically only for gaming, DI really wont be for me.
There are other solutions like Checkpoint, Kaspersky, or ESET that provide good protection without flagging every game you own. I installed DI myself and it false positived, flagging some of my security tools along with Fall Guys and part of Xbox Game Bar.
I think DI is good in terms of protection, and although it was bypassed on this forum once by a stealer Kaspersky detected, one malware shouldnt deter you from a product.

If you need security, go with this. Otherwise, go for a more "polished" and accurate solution instead.
 
  • Like
Reactions: roger_m and Shadowra
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Shadowra said:
Hello :)

As a DeepInstinct user, I'm here to give you my full opinion. It was installed on 2 PCs (now 1).

Installation :

Installation is very simple. You give the console server, the token and it installs.

Protection:

This is a strong point and a weak point....
In terms of protection, DeepInstinct is for me the best. Having it on my crash-test PC, DeepInstinct always detected and blocked the threats I submitted to it. When some of them tried to install themselves, Deep blocked them in the AppData, and the PC was always clean.
But, on my personal PC, Deep also annoyed me... And here's the kicker:

False positives! I had several.
Mostly on games (Star Citizen, Genshin Impact, Fortnite, Overwatch 2, Valorant, XDefiant) .
DeepInstinct detected Star Citizen, Genshin Impact, XDefiant and Fortnite as Trojan.... wtf?
The others were detected via the behavioral module...

When I got fed up with it, during the Filmora update, it destroyed several configuration files because the AI detected them as PUPs! Had to uninstall / reinstall Filmora with complete reconfiguration....

On my personal PC, I ended up uninstalling it and reverting to my previous antivirus. But I keep it on my crash-test PC because that's where I have fun with malware.
Click to expand...
Relatable opinion. If you don't install new software regularly it will suit u well. If you install software on a daily/weekly basis, it can be pretty annoying. But one thing I need to mention: Deep Instinct always restores files from the quarantine if they get a "safe" determination after a few days. And you will get a popup to notify you, that the file got restored. Happened multiple times to me.
 
  • Like
  • +Reputation
Reactions: roger_m and Shadowra
simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,599
Shadowra said:
Hello :)


In terms of protection, DeepInstinct is for me the best.
...
False positives! I had several.
Click to expand...
fwiw I said it before and I'll probably say it again, happy to report that on my win10 hardware pc running DeepInstinct** +191 days and counting, 1 false positive, but I don't run games, and 99% of online is done in VMware running VM of the day with each VM having different malware security. For me, VS/CL and Di "seem" incompatible which may or may not be a 2d false positive, but haven't figured why, so Di is solo primary on real win10 with Defender in background. The original FP was a "block" that was fixed with a tweak to Di management console. I suppose if I was running pc harder, I'd have more FP :unsure:
(PS I also have Di on a VM, but don't run it very often -- but I could)
** Di graciously configured with help of @Kongo & @Trident, and tech at reseller cyberforce. (@Shadowra provided some insight into VMware) Thanks again... :D
 
  • Applause
  • Like
Reactions: roger_m, Trident, Kongo and 1 other person
Shadowra

Shadowra

Level 36
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,586
Kongo said:
Click to expand...


I don't really agree with him.

DeepInstinct has been configured to detect high-risk threats... I've seen DI block medium- and low-risk malware because it thought they were PUPs... so its setting needs to be reviewed for me.

Bombarding the VM with a Bat or Python script is useless, as the interceptor won't have the time to process everything (this is often the case with Malwarebytes and especially DI).

Testing phishing with DI when it has no Web filtering is useless.

And finally, it uses Hitman pro, which is not at all revealing, given that it has used attack in VBS or Macron in XLS...
 
  • +Reputation
  • Like
Reactions: ShenguiTurmi, roger_m, simmerskool and 2 others
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Shadowra said:
I don't really agree with him.

DeepInstinct has been configured to detect high-risk threats... I've seen DI block medium- and low-risk malware because it thought they were PUPs... so its setting needs to be reviewed for me.

Bombarding the VM with a Bat or Python script is useless, as the interceptor won't have the time to process everything (this is often the case with Malwarebytes and especially DI).

Testing phishing with DI when it has no Web filtering is useless.

And finally, it uses Hitman pro, which is not at all revealing, given that it has used attack in VBS or Macron in XLS...
Click to expand...
I need to defend him in one point tho. He cofigured Deep Instinct in the way to block low-level threats and above, but when he disabled the protection for a minute, it was reset and he didn't seem to notice. Happened to me too.

In terms of web-protection I agree with you. Deep Instinct failed in the phishing test, as it doesn't have any web-protection. But saying that Malwarebytes wins in the malware web-protection test just because it blocks the website itself, simply isn't true. Deep Instinct blocked all the downloads equally. So it should be a draw.
 
  • +Reputation
  • Like
Reactions: ShenguiTurmi, simmerskool, Dave Russo and 2 others
nickstar1

nickstar1

Level 9
Verified
Well-known
Dec 10, 2022
410
Malwarebytes have been working hard on improvements to detection lately and don't forget that it was said that a new detection feature will be implemented after the general release of 5.0. Also if he had browser guard installed it may have blocked those missed sites as it's more aggressive.
 
  • Like
Reactions: ShenguiTurmi, simmerskool and Dave Russo

Similar threads

Kongo
    • Like
    • +Reputation
    • Hundred Points
  • Locked
Malware Analysis Another Evasive Discord Token Stealer Disguised as PC game 🎮☠️
Replies
32
Views
2,102
Malware Analysis
struppigel
struppigel
cartaphilus
Serious Discussion What USB boot style scanners besides ESET still exist and is there still a multiscanner USB tool?
Replies
13
Views
631
General Security Discussions
ForgottenSeer 114834
F
Trident
    • +Reputation
    • Thanks
New Update Announcing End of Life for Kaspersky Engine in Harmony Endpoint
Replies
14
Views
1,244
Other security for Windows, Mac, Linux
Trident
Trident

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top