Nyotron Paranoid

Burrito

Burrito

Level 24
Thread author
Verified
Top Poster
Well-known
May 16, 2018
1,363
1579020847598.png



I don't know much about this capability -- in fact I heard of it for the first time yesterday.

My employer did some basic testing on this product --- and it seems (preliminary) to be VERY solid. Most products tested with analogous malware packages don't do so well.

Again, I don't know anything about the product, but one of the tech's told me that it is a 'nontraditional' product.

www.nyotron.com

Detection and Real-time Prevention of Cyberthreats – Acronis

Acronis Detection and Response is designed for zero trust, it detects and stops anomalous activities, provides real-time visibility, and so much more.
www.nyotron.com www.nyotron.com

A Radically Different Approach to Endpoint Security
Winning the war on malware requires layered protection for endpoints. PARANOID acts as a last line of defense to shield you from threats that antivirus and next-generation antivirus solutions tend to miss… completely new, unknown and fileless malware, zero-day exploits and advanced persistent threats. This OS-Centric Positive Security solution leverages a map of operating system behavior called Behavior Pattern Mapping to identify actions that can cause system damage or lead to data theft.
Click to expand...

Yeah... I know... how many times have we all heard this kinda cyber mumbo jumbo..

Their "Behavior Pattern Mapping" may just be whitelisting. Again, I dunno. This thing is new to me.

But it seems to work.

www.cybersecurity-insiders.com

PRODUCT REVIEW: Nyotron PARANOID - Cybersecurity Insiders

Explore Nyotron's Paranoid solution that defends against advanced threats with unique behavior-based security technology for comprehensive protection.
www.cybersecurity-insiders.com www.cybersecurity-insiders.com

www.cybersecurity-insiders.com

Nyotron PARANOID Blocks 100% of Unknown Threats During Rigorous ICSA Labs Testing - Cybersecurity Insiders

Nyotron’s Paranoid blocks 100% of unknown threats during rigorous ICSA Labs testing, demonstrating its effectiveness against evolving cyber risks.
www.cybersecurity-insiders.com www.cybersecurity-insiders.com

journalofcyberpolicy.com

Go Ahead, Get Paranoid: Rethinking Endpoint Security - Journal of Cyber Policy

In Dr. No, James Bond is about to leave his hotel room for some martinis (shaken, not stirred!) but he wants to make sure that no one peeks inside Her Majesty’s secret briefcase, which he leaves in the room. Being that it’s 1962, his best option is to sprinkle some fingerprint powder on the...
journalofcyberpolicy.com journalofcyberpolicy.com


Get Paranoid. "Safe" is just an illusion. ;)
1579022287702.png
 
  • Like
  • Wow
  • Thanks
Reactions: brambedkar59, Nevi, Handsome Recluse and 12 others
[correlate]

[correlate]

Level 18
Verified
Top Poster
Well-known
May 4, 2019
825
nyotron endpoints PARANOID is an American company that has several branches with an innovative and effective protection solution that has had impressive positive results .!
ABOUT NYOTRON Nyotron provides the industry’s first OS-Centric Positive Security to strengthen laptop, desktop and server protection. By mapping legitimate operating system behavior, Nyotron’s PARANOID understands all normative ways that may lead to damage, such as file deletion, data exfiltration, encryption, sabotage and more. Focusing on finite “good” actions allows PARANOID to be completely agnostic to threats and attack vectors. PARANOID works seamlessly with antivirus and next-generation antivirus solutions to provide the last line of defense from modern state-level attacks. Nyotron (nyotron.com) is headquartered in Santa Clara, CA with an R&D office in Israel.
 
Last edited:
  • Like
  • Thanks
Reactions: Nevi, roger_m, plat and 6 others
[correlate]

[correlate]

Level 18
Verified
Top Poster
Well-known
May 4, 2019
825
Burrito said:
View attachment 232152


I don't know much about this capability -- in fact I heard of it for the first time yesterday.

My employer did some basic testing on this product --- and it seems (preliminary) to be VERY solid. Most products tested with analogous malware packages don't do so well.

Again, I don't know anything about the product, but one of the tech's told me that it is a 'nontraditional' product.

www.nyotron.com

Detection and Real-time Prevention of Cyberthreats – Acronis

Acronis Detection and Response is designed for zero trust, it detects and stops anomalous activities, provides real-time visibility, and so much more.
www.nyotron.com www.nyotron.com



Yeah... I know... how many times have we all heard this kinda cyber mumbo jumbo..

Their "Behavior Pattern Mapping" may just be whitelisting. Again, I dunno. This thing is new to me.

But it seems to work.

www.cybersecurity-insiders.com

PRODUCT REVIEW: Nyotron PARANOID - Cybersecurity Insiders

Explore Nyotron's Paranoid solution that defends against advanced threats with unique behavior-based security technology for comprehensive protection.
www.cybersecurity-insiders.com www.cybersecurity-insiders.com

www.cybersecurity-insiders.com

Nyotron PARANOID Blocks 100% of Unknown Threats During Rigorous ICSA Labs Testing - Cybersecurity Insiders

Nyotron’s Paranoid blocks 100% of unknown threats during rigorous ICSA Labs testing, demonstrating its effectiveness against evolving cyber risks.
www.cybersecurity-insiders.com www.cybersecurity-insiders.com

journalofcyberpolicy.com

Go Ahead, Get Paranoid: Rethinking Endpoint Security - Journal of Cyber Policy

In Dr. No, James Bond is about to leave his hotel room for some martinis (shaken, not stirred!) but he wants to make sure that no one peeks inside Her Majesty’s secret briefcase, which he leaves in the room. Being that it’s 1962, his best option is to sprinkle some fingerprint powder on the...
journalofcyberpolicy.com journalofcyberpolicy.com


Get Paranoid. "Safe" is just an illusion. ;)
View attachment 232153
Click to expand...
1579026640433.png
 
  • Like
Reactions: Nevi, roger_m, Protomartyr and 4 others
Burrito

Burrito

Level 24
Thread author
Verified
Top Poster
Well-known
May 16, 2018
1,363
Oh, I guess they say it does not involve whitelisting.


  • No artificial intelligence, machine learning or deep learning
  • No sandboxing, micro-virtualization or application isolation
  • No whitelisting or application control
  • No OS hardening or lockdown
  • No indicators of compromise (IOCs), indicators of attack (IOAs) or antivirus signatures
  • No baselining or user behavior analytics
  • No disk scanning
  • No cloud connectivity required
Click to expand...


So like the pyramids --- it's a great mystery

Ok, time for a beer.
 
  • HaHa
  • Like
  • Wow
Reactions: Nevi, Handsome Recluse, Andy Ful and 5 others
[correlate]

[correlate]

Level 18
Verified
Top Poster
Well-known
May 4, 2019
825
Burrito said:
Oh, I guess they say it does not involve whitelisting.





So like the pyramids --- it's a great mystery

Ok, time for a beer.
Click to expand...
You are right that it is a puzzle, but I think that it monitors the work of files and follows its possible path. This may be the job, but I also share with you the president. It is a puzzle like the mystery of the disappearance of Atlantis.
 
  • HaHa
  • Like
Reactions: Nevi, roger_m, plat and 2 others
Burrito

Burrito

Level 24
Thread author
Verified
Top Poster
Well-known
May 16, 2018
1,363
Behold Eck said:
Seems like a HIPS, mumbo jumbo style or maybe a re brand of Webroot ??

Regards Eck:)
Click to expand...

Ah hah.... the Eckster rolls in...

I was wondering if it was a Green Kool-Aid knock-off.... until it started actually working.

There is a lot of mumbo jumbo going on with this product.

But it works REALLY well -- tested against one batch of malware.

I'm trying to get a couple of comped test licenses now.

I need a Malware Hub tester volunteer to test this thing. But apparently, we can only refer to it as "Product X" -- as part of the TOS for the test license -- unless we get explicit written permission from the company.
 
  • Like
  • HaHa
  • Thanks
Reactions: Behold Eck, Nevi, [correlate] and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,511
Burrito said:
Oh, I guess they say it does not involve whitelisting.
  • No artificial intelligence, machine learning or deep learning
  • No sandboxing, micro-virtualization or application isolation
  • No whitelisting or application control
  • No OS hardening or lockdown
  • No indicators of compromise (IOCs), indicators of attack (IOAs) or antivirus signatures
  • No baselining or user behavior analytics
  • No disk scanning
  • No cloud connectivity required
So like the pyramids --- it's a great mystery

Ok, time for a beer.
Click to expand...

It looks like an advanced post-infection behavioral protection based on a pre-learned map of the OS behavior. Any such protection will have problems with Windows updates, so the updates will be probably integrated with PARANOID updates.

The main difference is that standard solutions are focused on the pre-execution stage and PARANOID is focused on the post-execution stage. It is always harder to predict the behavior than simply monitor what is happening. The second difference is that PARANOID is focused on the possible good behaviors (pre-learned), and the traditional solutions look at suspicious behaviors.
So, it is the post-infection post-execution protection based on behavioral whitelisting, as opposed to traditional solutions that are based on pre-execution protection (signatures, advanced heuristics, etc.) and post-execution behavioral blacklisting.
The idea of Paranoid is similar to the car anti-collision system + GPS (pre-learned possible roads). It does not allow the driver to pull off the road, but it does not care which road it is (if it is included in GPS).

Any protection can be finally bypassed. PARANOID can be actually very strong, until the bad guys learn how to fight it.
 
Last edited:
  • Like
  • Thanks
  • +Reputation
Reactions: Burrito, Azure, Gandalf_The_Grey and 7 others
[correlate]

[correlate]

Level 18
Verified
Top Poster
Well-known
May 4, 2019
825
Andy Ful said:
It looks like an advanced post-infection behavioral protection based on a pre-learned map of the OS behavior. Any such protection will have problems with Windows updates, so the updates will be probably integrated with PARANOID updates.

The main difference is that standard solutions are focused on the pre-execution stage and PARANOID is focused on the post-execution stage. It is always harder to predict the behavior than simply monitor what is happening. The second difference is that PARANOID is focused on the possible good behaviors (pre-learned), and the traditional solutions look at suspicious behaviors.
So, it is the post-infection protection based on behavioral whitelisting, as opposed to traditional solutions that are based on pre-execution protection (signatures, advanced heuristics, etc.) and post-execution behavioral blacklisting.
The idea of Paranoid is similar to the car anti-collision system + GPS (pre-learned possible roads). It does not allow the driver to pull off the road, but it does not care which road it is (if it is included in GPS).

Any protection can be finally bypassed. PARANOID can be actually very strong, until the bad guys learn how to fight it.
Click to expand...
Wonderful analysis Andy Ful think you are right in your analysis of how the program works. :) (y) :devilish: .
 
  • Like
  • Thanks
Reactions: Burrito, bribon77, Behold Eck and 2 others
Behold Eck

Behold Eck

Level 18
Verified
Top Poster
Well-known
Jun 22, 2014
864
Burrito said:
Ah hah.... the Eckster rolls in...

I was wondering if it was a Green Kool-Aid knock-off.... until it started actually working.

There is a lot of mumbo jumbo going on with this product.

But it works REALLY well -- tested against one batch of malware.

I'm trying to get a couple of comped test licenses now.

I need a Malware Hub tester volunteer to test this thing. But apparently, we can only refer to it as "Product X" -- as part of the TOS for the test license -- unless we get explicit written permission from the company.
Click to expand...

Yeah Frank, I can only nip in and out these days due to work commitments and all that.

Great find though, looking forward to seeing "Product X" get put through it`s paces.

Regards Eck:)
 
  • Like
  • Applause
  • Thanks
Reactions: Burrito, bribon77 and [correlate]
Lenny_Fox

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
In corporate environment their only two digital assets: money and data. Paranoid protects data, by analyzing how it is accessed. When it discovers an unusual pattern, it intervenes, simple as that.

Paranoid said:
“We know exactly what it looks like when a legitimate user takes an action like deleting a file. Right-clicking on a file and deleting is matched by a sequence of activities at the Kernel level. When a hacker tries to delete your file, it’s going to look totally different. If you know what to look for, the OS will tell you that something illegitimate is going on.
Click to expand...

Windows Defender was the first Anti-Virus which was OS-aware. This (according to Paranoid claim) is the first OS-aware host-intrusion-detection-system with post-infection prevention measures (probably automated and centrally managed). The king-is-dead, long-live-the-king :) Maybe this is the come-back of old fashioned HIDS & HIPS with new Machine Learning capabilities using the telemetry data of the OS.
 
Last edited:
  • Like
  • Applause
Reactions: Behold Eck, roger_m, bribon77 and 2 others
Burrito

Burrito

Level 24
Thread author
Verified
Top Poster
Well-known
May 16, 2018
1,363
Andy Ful said:
So, it is the post-infection post-execution protection based on behavioral whitelisting, as opposed to traditional solutions that are based on pre-execution protection (signatures, advanced heuristics, etc.) and post-execution behavioral blacklisting.
The idea of Paranoid is similar to the car anti-collision system + GPS (pre-learned possible roads). It does not allow the driver to pull off the road, but it does not care which road it is (if it is included in GPS).

Any protection can be finally bypassed. PARANOID can be actually very strong, until the bad guys learn how to fight it.
Click to expand...

It's always a pleasure when Andy checks into a thread. For newbs or anybody who does not know --- Andy understands Microsoft internals WAY better than the average bear. He also turned Windows Defender into a Contender even back when it was still sucky. Check out the H_C optimizer for Windows Defender if you have not yet. And... thanks for the explanation Andy.



Lenny_Linux said:
In corporate environment their only two digital assets: money and data. Paranoid protects data, by analyzing how it is accessed. When it discovers an unusual pattern, it intervenes, simple as that.
Windows Defender was the first Anti-Virus which was OS-aware. This (according to Paranoid claim) is the first OS-aware host-intrusion-detection-system with post-infection prevention measures (probably automated and centrally managed). The king-is-dead, long-live-the-king :) Maybe this is the come-back of old fashioned HIDS & HIPS with new Machine Learning capabilities using the telemetry data of the OS.
Click to expand...

Another good hypothesis to explain PARANOID. Also a pleasure when Lenny_Linux checks in. And for those who don't know --- we used to have a Super-Intelligent and helpful MT guru --- @Windows_Security. That guy was great. Windows_Security disappeared about the same time as a couple of Dutch citizens stormed Area 51. The Mysterious Disappearance of Windows_Security Link Anyway... after Windows_Security stopped coming here, the UN, EU, and MT all filed formal protests with Holland about the great loss with Windows_Security's cessation of participation here at MT. Finally, Holland coughed up a surprisingly good replacement --- Lenny_Linux -- who has true expertise in surprisingly similar ways. Note how he and Windows_Securty use the underscore ___ in their handles. Must be a Dutch thing..

(y)
 
  • Like
  • +Reputation
  • HaHa
Reactions: Behold Eck, roger_m, Lenny_Fox and 5 others
Burrito

Burrito

Level 24
Thread author
Verified
Top Poster
Well-known
May 16, 2018
1,363
Umbra said:
Another fancy product that will be hyped in forums for few months then forgotten except by few fans.
Strangely they use the same marketing approach than Cylance.
Click to expand...

Well.... it worked well for Cylance.

Marketing emulation can be a good strategy.

Cylance went from being a new "revolutionary" AI/ML capability to grabbing Top 10 market share in a flash. Amazing how well they accomplished that -- especially for a product with a few significant holes.

I use Cylance on a couple of machines... and I like it. But I use it with other stuff.. And the false positives can be a PITA.

1579446510336.png
 
  • Like
  • Applause
Reactions: harlan4096, [correlate], Andy Ful and 1 other person
CMLew

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
Burrito said:
Well.... it worked well for Cylance.

Marketing emulation can be a good strategy.

Cylance went from being a new "revolutionary" AI/ML capability to grabbing Top 10 market share in a flash. Amazing how well they accomplished that -- especially for a product with a few significant holes.

I use Cylance on a couple of machines... and I like it. But I use it with other stuff.. And the false positives can be a PITA.

View attachment 232481
Click to expand...
Top 10 market share? In US u mean? or only in certain region in US? hmm.... sounds too good to be true.
 
  • Like
Reactions: roger_m, [correlate] and Burrito

Similar threads

Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,979
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula
Adrian Ścibor
    • Like
    • +Reputation
    • Applause
AVLab.pl Protection effectiveness of EDR solutions against Internet threats
Replies
10
Views
1,109
Security Statistics and Reports
Moonhorse
Moonhorse
TuxTalk
    • Like
    • +Reputation
App Review Trend Micro Worry-Free XDR Services
Replies
16
Views
986
Written Reviews - Security and Privacy
TuxTalk
TuxTalk

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top