curtcobian

Level 1
Just want to know the reputation of Cylance in the real world, since I have watched the propaganda so many times in the market, such as that their technology is completely different from existing pattern file update technology; however, I have never heard of its reputation around me.
 
509322

Just want to know the reputation of Cylance in the real world, since I have watched the propaganda so many times in the market, such as that their technology is completely different from existing pattern file update technology; however, I have never heard of its reputation around me.
What is your definition of "reputation" - its ability to protect a system or something else ?

In terms of protecting a system it is no better than the consistently top-rated AV\internet security suites; it's better than Windows Defender. It uses little system resources. It quarantines detections by default with no immediate option for the user to make an allow exception. False positives have to be excluded in the browser-based web console - and the web console is quirky\non-intuitive. Run SysInternals' Process Explorer, enable the Virus Total lookup, and just check out the number of Cylance false positives - make sure you search for loaded *.dlls.

Even though it is very simple in concept, with only a tray icon and single small GUI window, I will be surprised if it is a success in the home\consumer market.

As time goes on and Cylance refines its mathematical models it could turn out to be a winner.
 

curtcobian

Level 1
@danb so I finally got around to the test.

Scan 1 (completely offline): 35 files, ranging from not-so-malicious malware to ransomware, were missed of the 147.

Scan 2 (with internet connectivity): all but 8 of the 147 files were quarantined (incl. the ransomware). See attachment.
Video Review - Ransomware Test: Cylance, Sophos, VoodooShield | by VoodooShield

Thanks LD
Simply want to know the ability of the system protection mechanism compared with legacy AV. Now I have found the discussion in the thread quoted above, and those kinds of things are what I wanted to know. Very curious to know their algorithm and detection logic without pattern matching; huge expectations of the heuristic behavior stuff, but some gap might exist between dream and reality. Need to understand the pros and cons of the product. Will keep watching what happens next.
 

boredog

Level 9
I did a test of Eset a week ago with over 100 malware. I did not see over 15. A week later it did, and all on VT were flagged by many AV's. Cylance is in partnership with Dell so it must be pretty good for endpoints, and believe me, Dell checked out many endpoint solutions before picking Cylance. No matter the bashing, until I see the others being sponsored by such big companies I won't believe their statements about a product.
 

HarborFront

Level 46
Verified
Content Creator
I did a test of Eset a week ago with over 100 malware. I did not see over 15. A week later it did, and all on VT were flagged by many AV's. Cylance is in partnership with Dell so it must be pretty good for endpoints, and believe me, Dell checked out many endpoint solutions before picking Cylance. No matter the bashing, until I see the others being sponsored by such big companies I won't believe their statements about a product.
So you are saying ESET is not that good? Thinking of getting it. What's your advice?

Thanks
 

boredog

Level 9
So you are saying ESET is not that good? Thinking of getting it. What's your advice?

Thanks
All I can say is it took a week for them to catch the ones missed. I was only trying the AV not the full blown IS. Right after Eset had detected all it could, I checked each file on VT and most of them were flagged by at least 25 other products.
 

Arequire

Level 23
Verified
Content Creator
So you are saying ESET is not that good? Thinking of getting it. What's your advice?

Thanks
It's incredibly light and it's generally known for having good signatures but its main zero-day protection (HIPS) is disabled by default. If you do decide to purchase it I'd suggest setting the HIPS to either Smart mode right away or setting it to Learning mode for a week or two and then transitioning into Interactive mode after that.
 

boredog

Level 9
It's incredibly light and it's generally known for having good signatures but its main zero-day protection (HIPS) is disabled by default. If you do decide to purchase it I'd suggest setting the HIPS to either Smart mode right away or setting it to Learning mode for a week or two and then transitioning into Interactive mode after that.
Currently using Avast's new beta.
 
Deleted member 65228

So you are saying ESET is not that good? Thinking of getting it. What's your advice?

Thanks
ESET is a good security vendor, and based on my experience whilst testing them out for a few months in the past they do tend to have good signature detection, the memory scanner is nicely done and if the HIPS is configured properly it can be really useful for zero-day malware protection.

I recommend you try them out using the free 30-day trial to see if you are comfortable with using them, and if it meets your expectations and you like it then you can stick with them. :)
 

Peter2150

Level 7
Verified
Geesh, for a Home Edition, they sure make it a pain in the butt to even get a trial. I was going to put it to the test, but it's too much trouble. For me that is a measure that doesn't measure up.
 

curtcobian

Level 1
I recommend you try them out using the free 30-day trial to see if you are comfortable with using them, and if it meets your expectations and you like it then you can stick with them worth it
I see what you mean. However, in my case, there is no time slot to allow me to do the test. This is the reason to ask somebody who has the same experience.
Thanks anyway for paying attention.
 

Plebman123

Level 2
I haven't had much experience with them, but they have a chance in the industry. I'll just be watching it anyways, just in case.
 

Slyguy

Level 41
Verified
Just want to know the reputation of Cylance in the real world, since I have watched the propaganda so many times in the market, such as that their technology is completely different from existing pattern file update technology; however, I have never heard of its reputation around me.
Isn't this the company funded by the CIA, littered with intelligence personnel and using some technology from Israeli Intelligence as well?

CIA Investment wing;
https://www.iqt.org/cylance/

Does this sound comforting to anyone in the context of him bragging about govt. invasive activities?
"The hope is that the conversation evolves from 'catching criminals' on social media to following and analyzing indicators of instability based on past behavior — before those people actually go out and perpetuate crimes," Miller said. "We're not there yet." "It's all going to be done with the motivation of making the world a safer place, but it's all going to be incredibly invasive." - Jon Miller, vice president, Cylance

Then there was the VT controversy where Cylance was using VT without any permission/licensing. Or the Sophos controversy where Cylance was spotted disabling core features of other AV's so they would miss things in tests against Cylance - and Sophos called them out about it.
Thoughts on comparative testing – Sophos News

Cylance wouldn't go anywhere near my networks or computers. Dell uses them? Probably because of some snooping arrangement, especially after the Dell Foundation Malware (preinstalled) fiasco.
 

Slyguy

Level 41
Verified
Of course, because the govt. has deemed Kaspersky unsafe, so a US Govt. funded product would probably do this. Trend Micro (Booz Allen Hamilton) also now views Kaspersky as malware.
 