Have you seen the performance reputation of Cylance?

curtcobian

Level 1
Thread author
May 15, 2017
11
Just want to know the reputation of Cylance in real world since I have watched propaganda so many time in the market, such like their technology is completely different from existing pattern file update technology, however never heard the reputation around me.
 
5

509322

Just want to know the reputation of Cylance in real world since I have watched propaganda so many time in the market, such like their technology is completely different from existing pattern file update technology, however never heard the reputation around me.

What is your definition of "reputation" - its ability to protect a system or something else ?

In terms of protecting a system it is no better than the consistently top-rated AV\internet security suites; it's better than Windows Defender. It uses little system resources. It quarantines detection by default with no immediate option for the user to make an allow exception. False positives have to be excluded in the browser-based web console - and the web console is quirky\non-intuitive. Run SysInternals' Process Explorer, enable the Virus Total lookup, and just check out the number of Cylance false positives - make sure you search for loaded *.dlls.

Even though it is very simple in concept, with only a tray icon and single small GUI window, I will be surprised if it is a success in the home\consumer market.

As time goes on and Cylance refines its mathematical models it could turn out to be a winner.
 

curtcobian

Level 1
Thread author
May 15, 2017
11
@danb so I finally got around to the test.

Scan 1 (completely offline): 35 files, ranging from not-so-malicious malware to ransomware, were missed of the 147.

Scan 2 (with internet connectivity): all but 8 of the 147 files were quarantined (incl. the ransomware). See attachment.

Video Review - Ransomware Test: Cylance, Sophos, VoodooShield | by VoodooShield

Thanks LD
Simply want to know the ability of system protection mechanism compared with legacy AV. Now I found the discussion in the thread of above quoted and those kind of things are what I wanted to know. Very curious to know their algorithm and detection logic without pattern matching, huge expectation of heuristic behavior stuff but some gap might be exists between dream and real. need to understand pros and cons of the product. will keep watching what will happen next.
 
Last edited:

boredog

Level 9
Verified
Jul 5, 2016
416
I did a test of Eset a week ago with over 100 malware. I did not see over 15. a week later it did and all on VT were flagged by many AV's. Cylance is in partnership with Dell so it must be pretty good for endpoints and believe me Dell checked out many endpoint solutions before picking Cylance. No matter the bashing , until I see the others being sponsored by such big companies I won't believe their statements about a product.
 

Peter2150

Level 7
Verified
Oct 24, 2015
280
Setting up a Dell right now, and I would question that conclusion. Did they pick for performance or the most profitable for them
 
  • Like
Reactions: simmerskool

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
I did a test of Eset a week ago with over 100 malware. I did not see over 15. a week later it did and all on VT were flagged by many AV's. Cylance is in partnership with Dell so it must be pretty good for endpoints and believe me Dell checked out many endpoint solutions before picking Cylance. No matter the bashing , until I see the others being sponsored by such big companies I won't believe their statements about a product.
So you are saying ESET is not that good? Thinking of getting it. What's your advise?

Thanks
 

boredog

Level 9
Verified
Jul 5, 2016
416
So you are saying ESET is not that good? Thinking of getting it. What's your advise?

Thanks

All I can say is it took a week for them to catch the ones missed. I was only trying the AV not the full blown IS. Right after Eset had detected all it could, I checked each file on VT and most of them were flagged by at least 25 other products.
 
  • Like
Reactions: HarborFront

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
So you are saying ESET is not that good? Thinking of getting it. What's your advise?

Thanks
It's incredibly light and it's generally known for having good signatures but its main zero-day protection (HIPS) is disabled by default. If you do decide to purchase it I'd suggest setting the HIPS to either Smart mode right away or setting it to Learning mode for a week or two and then transitioning into Interactive mode after that.
 
Last edited:

boredog

Level 9
Verified
Jul 5, 2016
416
It's incredibly light and it's generally known for having good signatures but its main zero-day protection (HIPS) is disabled by default. If you do decide to purchase it I'd suggest setting the HIPS to either Smart mode right away or setting it to Learning mode for a week or two and then transitioning into Interactive mode after that.

Currently using Avast's new beta.
 
D

Deleted member 65228

So you are saying ESET is not that good? Thinking of getting it. What's your advise?

Thanks
ESET is a good security vendor, and based on my experience whilst testing them out for a few months in the past they do tend to have good signature detection, the memory scanner is nicely done and if the HIPS is configured properly it can be really useful for zero-day malware protection.

I recommend you try them out using the free 30-day trial to see if you are comfortable with using them, and if it meets your expectations and you like it then you can stick with them. :)
 

Peter2150

Level 7
Verified
Oct 24, 2015
280
Geesh for a Home Edition, they sure make it a pain in the but to even get a trial. I was going to put it to the test, but it's too much trouble. For me that is a measure that doesn't measure up.
 

curtcobian

Level 1
Thread author
May 15, 2017
11
I recommend you try them out using the free 30-day trial to see if you are comfortable with using them, and if it meets your expectations and you like it then you can stick with them worth it

I see what you mean. however, for my case, no time slot to allow me to do the test. this is the reason to ask somebody who has same experience.
Thanks anyway for paying attention.
 

Plebman123

Level 2
Verified
Aug 30, 2017
69
I haven't had much experience with them, but they have a chance in the industry, ill just be watching it anyways just incase
 
F

ForgottenSeer 58943

Just want to know the reputation of Cylance in real world since I have watched propaganda so many time in the market, such like their technology is completely different from existing pattern file update technology, however never heard the reputation around me.

Isn't this the company funded by the CIA, littered with intelligence personal and using some technology from Israeli Intelligence as well?

CIA Investment wing;
https://www.iqt.org/cylance/

Does this sound comforting to anyone in the context of him bragging about govt. invasive activities?
"The hope is that that the conversation evolves from 'catching criminals' on social media to following and analyzing indicators of instability based on past behavior — before those people actually go out and perpetuate crimes," Miller said. "We're not there yet." "It's all going to be done with the motivation of making the world a safer place, but it's all going to be incredibly invasive."-Jon Miller, vice president, Cylance

Then there was the VT controversy where Cylance was using VT without any permission/licensing. Or the Sophos controversy where Cylance was spotted disabling core features of other AV's so they would miss things in tests against Cylance - and Sophos called them out about it.
Thoughts on comparative testing – Sophos News

Cylance wouldn't go anywhere near my networks or computers. Dell uses them? Probably because of some snooping arrangement, especially after the Dell Foundation Malware (preinstalled) fiasco.
 
  • Like
Reactions: upnorth and Fritz
F

ForgottenSeer 58943


Of course, because the govt. has deemed Kaspersky unsafe, so a US Govt. funded product would probably do this. Trend Micro (Booz Allen Hamilton) also now views Kaspersky as malware.
 
  • Like
Reactions: Fritz

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top