Serious Discussion Deep Instinct | Deep Learning AI Cybersecurity Platform

Trident

What setting should I change? (I'm on the weekend, I'll look at it when I get back)
Sorry for the clownish circling on the screenshot, 99% of time I am on a mobile device. And not Samsung with the S-Pen 😀


The setting is on the same screen that you posted. Under Policy -> Deep Static Analysis tab.
You have 2 settings there: prevention and detection.
Prevention will block the malware as a standard antivirus, detection will just generate an event which will be observed in the console but no action will be taken.
Change "prevention" to "prevent and quarantine moderate level threats and above".
You are familiar with Eset, they have similar logic in machine learning settings.

Note: these settings apply to executables only as DeepInstinct does not perform deep-learning-based static analysis on other file types except PE and MS Office. Other threats are covered by different components which is typical for prevention-first security products. It will not detect the file as Avast and others would, but will terminate the attack chain.
Under behavioural analysis, suspicious activity monitoring and script protection you will find some interesting settings in this relation.
 


simmerskool

Is this standalone or portal/managed? Who manages it? You or them?
I think you manage it, but I suspect that Cyberforce can view your dashboard, :unsure: but that's only speculation based on an email reply I received from tech support yesterday (Saturday).

Question login deepinstinct dashboard: I've logged in a few times already, but some issue with login tonight. :unsure: Wondering does login only require username and password (& 2fa if you set that up) or does it also inspect your ip address? Would it reject a login from a connection using a vpn? (either I'm taking too many notes, or not enough, working my way through the deployment process :ROFLMAO:)
 

Jengo

Thread author
Just a notice, I get that everyone is excited about this program, but do we actually know who they are?
I see no well-known customer reviews, well, no reviews at all to be honest. And the website hardly has any useful information?
They come from another solution that's abandoned already, so how do we know they don't pull the plug soon?

If anyone can provide me with more detailed info, please....
 

kamiloxf

I have a few questions for Deep Instinct - I'm waiting for an answer from CyberForce regarding the purchase of a license
1. How to run a scan of a given computer from the Console or agent
2. Does DeepInstinct have a USB Control module?
3. Is it possible to scan a specific file with DeepInstinct
 

Trident

Just a notice, I get that everyone is excited about this program, but do we actually know who they are?
I see no well-known customer reviews, well, no reviews at all to be honest. And the website hardly has any useful information?
They come from another solution that's abandoned already, so how do we know they don't pull the plug soon?

If anyone can provide me with more detailed info, please....
DeepInstinct was originally founded in Tel Aviv, Israel. Today, it is dual listed and headquartered both in Tel Aviv (which is where R&D mostly is) and New York. Lane Bess who is the CEO at the moment was previously with Palo Alto. DeepInstinct has reviews where all other business software is reviewed, which is Gartner:

Their momentum was quite quick and their investors include Nvidia, Samsung and LG with HP offering a rebrand (HP Sure Sense).
This is more about the founders:
I am not aware of the founders having abandoned any solutions. Currently, DeepInstinct is one of the few products that can operate at full capacity without constantly querying the cloud. This is what made it desirable for many businesses. It is deep learning applied locally which was revolutionary. Even today, I am not aware of any product performing deep static analysis with no cloud boost. It's important to note that this is business Endpoint Security (not EDR, XDR) and it is also not a solution specifically developed with home users in mind to cover their needs. Users deploy such solutions at their own risk.
 

ShenguiTurmi

I have a few questions for Deep Instinct - I'm waiting for an answer from CyberForce regarding the purchase of a license
1. How to run a scan of a given computer from the Console or agent
2. Does DeepInstinct have a USB Control module?
3. Is it possible to scan a specific file with DeepInstinct
1. No. Unless you have set up a full scan schedule task in advance.
2. No.
3. Run it.

Question login deepinstinct dashboard: I've logged in a few times already, but some issue with login tonight. :unsure: Wondering does login only require username and password (& 2fa if you set that up) or does it also inspect your ip address? Would it reject a login from a connection using a vpn? (either I'm taking too many notes, or not enough, working my way through the deployment process :ROFLMAO:)
I have not encountered a login block. If you don't have it set to force 2FA then you should only need the username and password. I don't have access to VPNs because of country censorship restrictions, but I often use some L7 implementations of encrypted proxies (such as v2ray-vless) and have no problem accessing the deepinstinct console with them.
 

Trident

I have not encountered a login block. If you don't have it set to force 2FA then you should only need the username and password. I don't have access to VPNs because of country censorship restrictions, but I often use some L7 implementations of encrypted proxies (such as v2ray-vless) and have no problem accessing the deepinstinct console with them.
I also can't speak of any blocks as I use DI on a business environment and it is absolutely unthinkable to start playing around with it. I don't use DI on my personal devices. As to the scans, DI is a product that does not require scanning. This is a strong layer of prevention for business and not a home antivirus.

Scans may still at the administrator's discretion be scheduled. If it is a business environment really, for performance reasons I recommend that the times when the task is scheduled are randomised.
 

ShenguiTurmi

I also can't speak of any blocks as I use DI on a business environment and it is absolutely unthinkable to start playing around with it. I don't use DI on my personal devices. As to the scans, DI is a product that does not require scanning. This is a strong layer of prevention for business and not a home antivirus.

Scans may still at the administrator's discretion be scheduled. If it is a business environment really, for performance reasons I recommend that the times when the task is scheduled are randomised.
We use Chinese local security software in the business, which should be very unpopular in Western countries. Called Qi-AnXin Skylar (or TianQin).
DeepInstinct is just a security software I use for personal use, so I can modify the policy at will.
 

Jengo

Thread author
DeepInstinct was originally founded in Tel Aviv, Israel. Today, it is dual listed and headquartered both in Tel Aviv (which is where R&D mostly is) and New York. Lane Bess who is the CEO at the moment was previously with Palo Alto. DeepInstinct has reviews where all other business software is reviewed, which is Gartner:

Their momentum was quite quick and their investors include Nvidia, Samsung and LG with HP offering a rebrand (HP Sure Sense).
This is more about the founders:
I am not aware of the founders having abandoned any solutions. Currently, DeepInstinct is one of the few products that can operate at full capacity without constantly querying the cloud. This is what made it desirable for many businesses. It is deep learning applied locally which was revolutionary. Even today, I am not aware of any product performing deep static analysis with no cloud boost. It's important to note that this is business Endpoint Security (not EDR, XDR) and it is also not a solution specifically developed with home users in mind to cover their needs. Users deploy such solutions at their own risk.
Thanks @Trident
 

[correlate]

@ShenguiTurmi what does Qi-AnXin/ TianQin mean? Also, it looks a little bit like WiseVector 😀

Btw are Rising and Kingsoft still a thing in China?
Qi-AnXin is next-generation protection software based on machine learning and boasts a large team of . Qi-AnXin is certified in China and has been used to protect the Winter Games in the past.
Qi-AnXin is known to provide an advanced approach to protection based on intelligent behavioral analysis and using machine learning and artificial intelligence to detect and combat security threats. It analyzes behavioral models of programs, applications, and systems for early detection of malicious activities and cyberattacks.
They also have many solutions designed to protect companies.
There is no comparison to WiseVector
Because the latter does not have any accreditation so far by the Chinese government
 

ShenguiTurmi

@ShenguiTurmi what does Qi-AnXin/ TianQin mean? Also, it looks a little bit like WiseVector 😀

Btw are Rising and Kingsoft still a thing in China?
"Qi" is the name of their boss (Qi Xiangdong), who used to be at 360. The "Qi" in Qihu, once the parent company of 360, has the same meaning ("Hu" is the nickname of Zhou Hongyi, another boss of 360).
"An" means "Security" in Chinese.
"Xin" means "Tech" in Chinese.

"Tianqing" has an English name; they used to call it 360Tianqing, when they used "360 Skylar" to participate in international tests (of course, they cheated, this is an afterthought).

Rising is still alive, but I haven't heard of many people still using it.
Kingsoft is also still alive, but after two mergers and demergers, it's not the Kingsoft we knew before. Also they have lost most of their market. The CEO of Kingsoft we know is now the owner of Xiaomi.

In China, individuals use a lot of overseas security software of various kinds, and if they don't want to pay for it, there are 360 and Huorong for Chinese-made solutions. WiseVector was active in security forums before, but only for that. If you ask 10 people on the street about WiseVector, maybe 9.5 of them will tell you they haven't heard of it.

Chinese companies, especially state-owned ones, are usually not allowed to buy Western security solutions, and if they want to buy solutions from other countries, Kaspersky is almost the only choice. As for Chinese-made solutions, there are many. For example, 360, Qi-AnXin, Antiy, Kingsoft, Rising, Jiangmin (no longer in the home market, but still doing enterprise products), Huorong, AsiaInfo (their products come from TrendMicro, they bought the Chinese branch of TrendMicro a few years ago and licensed the patents).

Qi-AnXin is next-generation protection software based on machine learning and boasts a large team of . Qi-AnXin is certified in China and has been used to protect the Winter Games in the past.
Qi-AnXin is known to provide an advanced approach to protection based on intelligent behavioral analysis and using machine learning and artificial intelligence to detect and combat security threats. It analyzes behavioral models of programs, applications, and systems for early detection of malicious activities and cyberattacks.
They also have many solutions designed to protect companies.
There is no comparison to WiseVector
Because the latter does not have any accreditation so far by the Chinese government
I don't know if you have heard of 360's machine learning engine "QVM".
It is very close to "QDE", the machine learning engine of Qi-anxin, in various aspects.
But the reason is also obvious: these two companies used to be one and the same. It comes from a conflict between the two owners of 360, which then split in two. After the split, Qi-anxin focused more on the enterprise and especially the government market, while 360 focused more on the home market. That's why there is 360TS while Qi-anxin doesn't have any products to launch overseas.
 

ScandinavianFish

I do not think so, and I do not like to prejudge others without conclusive evidence
I think they have bad luck :) (y):emoji_beer:
It's possible that they just used cybersecurity communities to train their AI. Sure, it was dishonest, but they probably didn't have any real malicious intents. However, only time will tell as their site is still supposedly under maintenance, suggesting that they may still be working with something, meaning we should wait with jumping to conclusions.
 

simmerskool

1. No. Unless you have set up a full scan schedule task in advance.
2. No.
3. Run it.


I have not encountered a login block. If you don't have it set to force 2FA then you should only need the username and password. I don't have access to VPNs because of country censorship restrictions, but I often use some L7 implementations of encrypted proxies (such as v2ray-vless) and have no problem accessing the deepinstinct console with them.
Somehow I zigged when I should have zagged and borked my dashboard pw over the weekend. :rolleyes: (I blame me and not Di) 🙃 So far Cyberforce has been timely with good responses, but could have better explained the initial setup more clearly, IMO. Unless you're someone like Shadowra, Trident, Kongo, I think Cyberforce expects a few support tickets from new users. They confirmed that they had not provided me with a key piece of info needed for the deployment.

Also see Deployment Guide sec 4.1 at p11 -- "Di works independently from other IT and security assets...adds an additional layer of security...in augmentation to any other security solutions." They list 8 exclusions to add to your current "security solution" for compatibility. And the Deployment Guide is not as daunting as +300 pages made it sound, it includes info for macOS and Linux too, and various options / variations for doing the same task. They assume you're smart with tech savvy :ROFLMAO: One more cup of coffee should do the trick :unsure:
PS I used Cyberforce in 2017 with enterprise Cylance, which from their website appears to still be available.
 
