Dani Santos

From Xvirus
Verified
Developer
Most big companies (Avast, Kaspersky, etc.) use some sort of Machine Learning ("AI") when scanning for new malware. They just don't rely 100% on it like these new products that market "Artificial intelligence" as a "perfect god" that will remove all malware from the world. That's just their marketing plays to put themselves on the market. Signature will never be obsolete, because there is no best between Signatures/heuristics (Static analysis), behavioral analysis and Machine Learning. All techniques of detecting malware will always have their pros and cons.
 

Arequire

Level 25
Verified
Content Creator
I'm less interested in these "next-gen" AV vendors with their Second Coming marketing drivel and more interested in what happens when blackhats start integrating machine learning into their repertoire.
 

Cohen

Level 7
Verified
For the average person who doesn't download very much and doesn't stray too far from the websites they're comfortable on (Facebook, YouTube, Reddit, etc.), I'd say using signatures for malware detection will keep them safe.
For people who are more curious about malware and the internet or companies, things such as Default-Deny products and Emsisoft's Behaviour Blocker are possibly more necessary to keep their system safe.
 

shmu26

Level 85
Verified
Trusted
Content Creator
You have said this many times, and again, I will say:
It does at first as it is learning, but as with VoodooShield, the FP's go away.
As an actual user I can tell you I don't hear anything FP related from it these days.
I did for the first "approximately" 90 days maybe and it was intermittent, not constant FP's.
I compare it to the FP's of VS because it was a similar pattern, and duration but as we know they are two very different software. Just wanted to make myself very clear ;)
You are right, the FPs do go away. They do not interfere with a good user experience. I only mentioned FPs in order to put this product's impressively high detection rate into proper perspective.
 

Amelith Nargothrond

Level 12
Verified
With all my respect for the machine learning, and for its great importance in cybersecurity, I think the most effective approach is multi-layered.
The antivirus should use signatures, behavioral analysis, sandbox, and yes, even machine learning.
Agreed 100%. Malware is way too unpredictable. It's like a battlefield, where you need infantry, marines, the air force, etc. to win a war, which we call security layers. It's complicated with the beginner user in mind though, who doesn't have the infrastructure, resources or knowledge to think like this.
 

Peter2150

Level 7
Verified
Well for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.
 

mekelek

Level 28
Well for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.
sure you can get 100% with a hermetically sealed offline computer.
 

Amelith Nargothrond

Level 12
Verified
you can't have the whole cake unfortunately.
Questionable. Depends on what cake you are willing to accept for dinner.

Well for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.
Agreed. But the weak point will always be the space between the keyboard and the chair, unless that space is filled with void. So you have to get ready for disaster mitigation as best as you can...
 
acemnr suvwxz

DeepArmor produces lots and lots of FPs.
Yes, it produces lots of FPs. Many programs get 50% & above score. For average users, the score is nothing & kinda FPs or detection. For knowledgeable users, the score could be helpful to take action or further analyse the sample.
 

Peter2150

Level 7
Verified
sure you can get 100% with a hermetically sealed offline computer.
Nope, it is actually possible. But it's not detection, it's preventing anything getting on in the first place. Also, it's not an install and forget it solution. It takes a bit of work and also care and feeding.
 

Peter2150

Level 7
Verified
.....


Agreed. But the weak point will always be the space between the keyboard and the chair, unless that space is filled with void. So you have to get ready for disaster mitigation as best as you can...
Absolutely. But that is why I have some overlap in my setup. Some of it is duplication, but I like to look at it as a 2nd chance to get it right. Also I have Macrium running hourly incrementals. So I am never far in time from "mitigation".
 

katharn

Level 1
quality over quantity. my company is carrying a few of these next gen AVs but there's a big problem with most of them. they eat the CPU. mostly occupy it like 80 to 100%.

and it really bogs down the system.... and coming from a place that still has people using win xp.....

has anyone here used Cylance before? seen a few demos and it looks to be quite good
 