App Review Sophos Vs Cylance

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Did you know about Next-Gen solutions?

  • Yes

    Votes: 22 37.9%
  • No

    Votes: 36 62.1%

  • Total voters
    58
Deleted member 178

Thread author
Obviously made by Sophos after getting bashed by Cylance, The Empire Strikes Back! (and hard) :D

For information, both Sophos and Cylance developed the Next-Gen type (AI thingy) solutions.

I had doubts about Cylance since the beginning since you are not allowed to have any control over it, all is done remotely by their tech... :rolleyes: After watching this I know why lol.

 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
WOW, that was awesome.
I too was under Cylance's spell, even Emailed them with some questions.
After seeing this I will be adding them to my spam filter.
I knew Sophos was pretty strong protection, but based on Cylance's ads
I thought they were a far better solution, I would have regretted getting
involved with Cylance.
Most Awesome share ever Umbra :)
Thanks
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,143
Superb find, Umbra. The points made at the 9th minute about the difference in detection of Cylance with and without being connected to the Internet are really important. Whenever Cylance is accused of a Cloud lookup (like VT, hint, hint) they squeal like pigs in denial.

I'm not a large Sophos fan, but have to give them a Bravo on this one.
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,143
The guys at Cylance are really pretty shrewd. They are very good at self promotion (like the disgusting "Unbelievable Tour" - a room full of IT drones nodding their heads like the brainless bobble-heads they are) and are just setting themselves up to cash in big time when Cylance goes public. Sad thing is the vast majority of current Wall Street analysts wouldn't know a quality security application if it smacked them in the head (which I've often wanted to do) and this just furthers the love fest.
 
hjlbx

Thread author
The guys at Cylance are really pretty shrewd. They are very good at self promotion (like the disgusting "Unbelievable Tour" - a room full of IT drones nodding their heads like the brainless bobble-heads they are) and are just setting themselves up to cash in big time when Cylance goes public. Sad thing is the vast majority of current Wall Street analysts wouldn't know a quality security application if it smacked them in the head (which I've often wanted to do) and this just furthers the love fest.

For the analysts, the products don't need to work to take the company public. All that is needed is for the share price to double or triple on the first day of trading.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Can't watch - "This video is private"???

Is this only me or...?
 
Alkajak

Thread author
Can't watch - "This video is private"???

Is this only me or...?

Confirmed that it has been made private. Wouldn't be surprised if Cylance took legal action to have the video temporarily pulled for whatever shady reason. The video made explicit accusations towards Cylance silently disabling important modules from the products they compared to theirs.
 
Alkajak

Thread author
It’s easy to create an anti-Cylance video. In fact, if you’re a competitor, here’s the recipe:

Step 1: Convince a partner to sell you a CylancePROTECT® license or simply have your VP of Global Sales Engineering request to borrow a login.

Step 2: Install CylancePROTECT on a virtual machine (VM).

Step 3: Install your own legacy software on a second VM instance.

Step 4: Download samples from any number of malware sharing repositories.

Step 5: Run each product against this large sample set and CAREFULLY remove all malicious software, scripts and exploits that your product misses. (NOTE: you may have to generate multiple videos until you have removed all of the false negatives).

Step 6 (IMPORTANT): Change the default policies for CylancePROTECT to disable certain key features like memory protection and script control, or at the minimum, put them into “alert only” mode.

Step 7: Record video, send to your channel partners as a “smoking gun” and pat yourself on the back for hawking a bloated, ineffective security product that continues to lose market share.

Professionalism at its finest from Cylance. /s
 
Deleted member 2913

Thread author
Superb find, Umbra. The points made at the 9th minute about the difference in detection of Cylance with and without being connected to the Internet are really important. Whenever Cylance is accused of a Cloud lookup (like VT, hint, hint) they squeal like pigs in denial.

I'm not a large Sophos fan, but have to give them a Bravo on this one.
On Cylance using VT

Posted by itman on Wilders

On Cylance

There was a possible confusion that got propagated that Cylance was using VirusTotal directly in their product. I now have information that this may be incorrect.

Cylance was using VirusTotal, as they said in the Reuters article. It’s possible they were using the service to download samples to train their engine, not directly from inside their product. It’s also possible that they used VirusTotal to help detect malware.

I don’t know for sure, and that’s why I expect to be talking to them in the next several days.


Ref.: http://blog.eckelberry.com/2016/05/
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,143
It's actually trivial whether or not VT itself is used. What is clear is that they are using something if not identical then really, really similar. This was shown both by the detection difference with and without the Cloud, as well as nopping out redundant code to change old malware into new. If you want to make some cash, try the latter - bring the sample to one of the Unbelievable Tour dates and have them run it.

And about emailing C and expecting an answer consistent with reality- just look at how they operate on the Tours- they either code or cherry pick samples (many script-based) run them against SEP as well as their product. C gets 100% and SEP gets less than that (I guess they estimate the credibility and credentials of their audience in deciding how many SEP should fail against). Not exactly a double-blind trial.
 
Malware Managed

From Malware Managed
Verified
Jun 29, 2016
18
They don't directly sell or market their home version either,
it's done here: Malware Managed - We Manage Malware So You Don't Have To
I e-mailed them like 3 days ago with questions, they haven't responded yet.
Probably too busy with damage control after that video went public. rofl

Hi _CyberGhosT_, we didn't see your contact attempt (sorry about that) - how can we help?
If you'd like to email us directly, you can do so at sales [at] malwaremanaged.com.
 
