App Review Sophos Vs Cylance

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Did you know about Next-Gen solutions?

  • Yes

    Votes: 22 37.9%

  • No

    Votes: 36 62.1%
  • Total voters
    58
T

Tempnexus

Level 3
Verified
Nov 25, 2015
136
Umbra said:
Obviously made by Sophos after getting bashed by Cylance , The Empire Strike Back ! (and hard) :D
for information , both Sophos and Cylance developed the Next-Gen type (AI thingy) solutions.

I had doubt about Cylance since the beginning since you are not allowed to have any control over it, all is done remotely by their tech... :rolleyes: , after watching this i know why lol.

Click to expand...



Thank you so much for this!!!! You might have saved taxpayers a lot of $$$

I was about to bring this tech up onto our current agency tech refresh planning meeting. Mainly since the stellar reviews and the stupid "shh" ads all over airports. Also because they are on GSA purchase list so easier to procure. But now I will know decide against it after spending a good 5 hours of my personal time combing through and theese posts and other posts made on other sites. Yeap market research for the win.
 
Last edited by a moderator:
  • Like
Reactions: Logethica, Deleted Member 3a5v73x, Cats-4_Owners-2 and 2 others
TheMalwareMaster

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
_CyberGhosT_ said:
@TheMalwareMaster
Yes but it's not free, its quite expensive.
see the link in my previous post in this thread.
PeAcE
Click to expand...
So, Basically this product is used mostly for endpoints? Can you please link me a guide about how it works? I've seen some youtube videos from them and still can't understand.. No signatures, no heuristics, no sandboxing? Regards
 
  • Like
Reactions: Logethica, Deleted Member 3a5v73x and Cats-4_Owners-2
SHvFl

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,350
TheMalwareMaster said:
So, Basically this product is used mostly for endpoints? Can you please link me a guide about how it works? I've seen some youtube videos from them and still can't understand.. No signatures, no heuristics, no sandboxing? Regards
Click to expand...
They use math and AI and based on parameters it decides if a program is good or bad. Some say it's smoke and mirrors show, some others that they are just an antivirus and some that they are awesome next gen endpoint solution.
if you read the topic you will see most point of view.

EDIT: Saw this on the other forum. A more info version of mine.
New Dell partnership casts doubt on traditional antivirus programs
 
Last edited:
  • Like
Reactions: Logethica, Deleted Member 3a5v73x, Nightwalker and 2 others
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Let's consider the traditional (pure) AV solution: it will have a local scanner containing definitions against malware that would be uploaded to the system using the product at certain intervals. There will also be a Cloud component that would contain new malware definitions created after the last upload but still not pushed out. What can we expect in a test for this product?

1). When disconnected from the network, one can reasonably expect only the malware for which a local definition exists will be detected. It will not detect anything for which Cloud protection exists buy still not uploaded to the local system. In short detection should be lower with the Network disconnected.

2). A pure AV cannot detect anything for which it does not have a definition. So take an existing malicious file, nop out some redundant code and you get a brand new zero day file that the AV (Local or Cloud) cannot detect.

Now let's review what the original video showed about C.

1). Detection went down in the absence of a Network connection
2). It did not detect malware files that have been modified.

If it looks like a duck and quacks like a duck, then...
 
  • Like
Reactions: Deleted Member 3a5v73x, Andytay70, Cats-4_Owners-2 and 4 others
Malware Managed

Malware Managed

From Malware Managed
Verified
Jun 29, 2016
18
_CyberGhosT_ said:
Thats right Temp, Cylance and companies like them count on the fact that many are too busy to do their homework.
An ignorant customer base is a lucrative customer base, isn't that right Malware Managed :rolleyes:
Click to expand...

I would not presume to say that our customers are ignorant but I can say that most of them are not security professionals; though we do have some security professionals who use PROTECT as well. Our goal is to make PROTECT available to a customer base that previously didn't have access. My Co-Founder and I have been using PROTECT for over two years in the enterprise space and have not had to deal with a single peace of ransomware during that time; which, unfortunately for us, was not the situation before we started using PROTECT.

I would also say that anyone, who has worked in the IT security space for over twenty years, would agree that no security solution is unbeatable by red team.
 
  • Like
Reactions: Logethica and Cats-4_Owners-2
D

Deleted member 178

Thread author
Malware Managed said:
I would not presume to say that our customers are ignorant but I can say that most of them are not security professionals; though we do have some security professionals who use PROTECT as well. Our goal is to make PROTECT available to a customer base that previously didn't have access.
Click to expand...

by Pay first, try it then ask for refund if not satisfied? sorry it won't work.

My Co-Founder and I have been using PROTECT for over two years in the enterprise space and have not had to deal with a single peace of ransomware during that time; which, unfortunately for us, was not the situation before we started using PROTECT.
Click to expand...

Ransomware are overrated, any properly set anti-exe/HIPS can block them. lets throw some FUD encrypted RAT with signed certificates, that is where the real game start.

I would also say that anyone, who has worked in the IT security space for over twenty years, would agree that no security solution is unbeatable by red team.
Click to expand...

Indeed , problem with Cylance , is that you bombard the net with claims you can't deliver and use shady behaviors to get those "unskilled" people to believe those claims.

lets talk about CylanceProtect for home users :

- No trial available , must pay first. come on...
- no prevention features, just hoping your AI algorithm will catch the intruders, problem it may be too late. ok....
- no controls over the software, users have to believe your techs, sorry i can do it better , i don't need them to set up a product for my system. /facepalm
- use of cloud when you say you don't. The Sophos Video clearly shows it with the hash file modification. /uber-facepalm

Then when Cylance does its "Unbelievable Tour" you compare it with others products, but when Sophos strike back with the same procedure, you ask the video to be removed?! Come on dude ! :rolleyes:

And after all this you expect to be taken seriously?

You want look honest ? let people download and trial your product, test it against malwares, and then if your claims are true, the truth will come out by itself and you will gain huge popularity. But i won't believe you may do that anytime soon, because i single video from Sophos threw you off balance.

For example give a licensed version to @cruelsister so she can test Cylance against high end malwares as she did with many other famous vendors, let see how Cylance performs? would you?
 
Last edited by a moderator:
  • Like
Reactions: Solarquest, Deleted Member 3a5v73x, Tempnexus and 6 others
FleischmannTV

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
Duotone said:
What if CS test didn't go the way they wanted would they ask her to remove the video as well?!
Click to expand...

In this case one of the involved parties probably was in violation of licensing terms for giving Sophos access to their software.

That's the thing about them. They don't hand out their software for independent open reviews. You're only ever gonna see it on their computers and on their terms and their customers probably have to sign contracts, which bind them not to give access to the software to any third party.

They, on the other hand, buy their competitors software and use it in video "reviews". Tells me all I need to know about them.
 
  • Like
Reactions: Solarquest, Logethica, Deleted Member 3a5v73x and 5 others

Similar threads

Trident
    • Like
    • Applause
    • +Reputation
  • Poll
Serious Discussion Pre-execution vs post-execution protections explained
Replies
6
Views
1,075
General Security Discussions
Trident
Trident
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
13,880
Other security for Windows, Mac, Linux
Warencom
W
Bot
    • Like
Financial Cyberthreats in 2019
Replies
0
Views
1,789
Kaspersky
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top