SparkCognition DeepArmor

[SHvFl]

I have an idea, if she can help it wont be based here in the thread, all the MalwareTips members that signed up should PM her your Email addresses
that you used to signup for the beta program with

Yeah, that's what i plan to do if she is up to it. Didn't want to straight up annoy her over pm because she might not want/can do anything.

 

[_CyberGhosT_]

I tried to install it in a VM with windows 7 installed, it doesn't work on my VM either. It doesn't detect Eicar test file because it doesn't use signatures, and doesn't detect files before running them, you can't even scan files with it.
It looks very promising, but I do not know if it is stable to install it on my laptop and I have no idea if it works with Kaspersky or should I uninstall Kaspersky

That test won't work and for good reason, that test does not contain any malware plain and simple.
I would remove Kaspersky seeing this is a beta and a traditional sig based AV is going to interfere
with it at some level, but lets see what Sarah thinks.

 

[toto]

That test won't work and for good reason, that test does not contain any malware plain and simple.

yeah !!
it basically doesn't run and try to harm the system, which basically is what deeparmor protects.

 

[_CyberGhosT_]

yeah !!
it basically doesn't run and try to harm the system, which basically is what deeparmor protects.

Ok, but it is looking for Malware algorithms which that test does not contain, your running a test designed for "sig based" Av's
It will never work for DeepGuard
::EDIT::
From DeepArmor
Why doesn’t DeepArmor alert on the EICAR test virus?
DeepArmor is signature-free so by nature does not alert on the EICAR test virus as no real malware incorporates their signature (i.e. they do not wish to be caught because of the EICAR signature).

The EICAR test virus is not actually a virus at all (and contains no viral components) per the information provided at the following URL: http://www.eicar.org/86-0-Intended-use.html

DeepArmor instead is “trained” using cognitive algorithms on hundreds of thousands of real malware samples (and clean files) in order to predict (with some confidence interval) a new encountered file as either “malware” or “benign”.

As the EICAR test virus is ultimately a benign Windows portable executable, DeepArmor will not alert against it.

I got it to trigger on the USB creator tool untbootin, here check it out
View attachment 119000

It for sure does not like Unetbootin lol

 

[shmu26]

I finally got an acceptance email from them yesterday. It took how knows how long, I already forgot about them, and then they got back to me...

 

[Raheel99]

@sarah_at_spark Any idea how long it takes to send me beta info. I registered a few days ago and not even a confirmation email.

I have received confirmation email for beta tester after 25 days.

 

[SHvFl]

I have received confirmation email for beta tester after 25 days.

Lol in 25 days who lives and who dies. Can someone give me the hash of the installer so if they send me the same in a month to not even bother?

 

[sarah_at_spark]

@sarah_at_spark Any idea how long it takes to send me beta info. I registered a few days ago and not even a confirmation email.

Hey @SHvFl, @Raheel99, and @shmu26, sorry for the inconvenience. I confirmed the sign-up page does not generate a confirmation Email and have alerted my team to remedy this. As for the delay in activating the beta, I've reached out to the development team and they have provided the following response:

There are a few factors that contribute to the delay but the primary reason is as follows:

The DeepArmor cognitive models execute in the cloud and provide a "cognitive threat confidence" as a microservice. The Windows client is simply a "client" that makes requests to the cloud service. Thus, in order to monitor and manage the costs of hosting the "free" beta, the IT team staggers beta tester activation into groups based on server load.

We apologize for the delay and very much appreciate your sign-up and interest in helping us test DeepArmor!

I tried to install it in a VM with windows 7 installed, it doesn't work on my VM either. It doesn't detect Eicar test file because it doesn't use signatures, and doesn't detect files before running them, you can't even scan files with it.
It looks very promising, but I do not know if it is stable to install it on my laptop and I have no idea if it works with Kaspersky or should I uninstall Kaspersky

DeepArmor is supported on Windows 7, running in a VM or on physical hardware. Please feel free to reach out to the support team 'deeparmor@sparkcognition.com' for help and include any error messages, etc. you see. DeepArmor should play nicely with Kaspersky and SparkCognition, Inc. does not recommend uninstalling your traditional AV. Please let the support team know if you encounter issues with DeepArmor running side-by-side with your signature-based AV.

Signature-based detection plus cognitive-based detection equals better threat coverage!

 

[SHvFl]

Hey @SHvFl, sorry for the inconvenience. I confirmed the sign-up page does not generate a confirmation Email and have alerted my team to remedy this. As for the delay in activating the beta, I've reached out to the development team and they have provided the following response:

There are a few factors that contribute to the delay but the primary reason is as follows:

The DeepArmor cognitive models execute in the cloud and provide a "cognitive threat confidence" as a microservice. The Windows client is simply a "client" that makes requests to the cloud service. Thus, in order to monitor and manage the costs of hosting the "free" beta, the IT team staggers beta tester activation into groups based on server load.

We apologize for the delay and very much appreciate your sign-up and interest in helping us test DeepArmor!

Ok that makes sense and even makes the program more interesting. Thanks for the info. Guess i will wait.

 

[shmu26]

how does deeparmor differ from the heuristics component found in many AV suites?

 

[Mr.NoName]

how does deeparmor differ from the heuristics component found in many AV suites?

As i see this program is not that AI than any other but it's not even Heur based we cannot talk about A.I here because there is not low for what is the meaning for A.i like (A.I need to have some basic requirements like take alone decisions and have implemented self learning algos and many more like form something that is very little to something that is huge like recognition ) so as i see and i know this is not even close то something called artificial intelligence just my advice to the DEV is to read more books before making something stupid ......
just to have some idea that this one is good like program i like the idea but need to get lot more work and exp. to make it real on this stage this is prototype i think very very early prototype "that why they call it beta preview " good luck with the prototype and we expect more to DEV's !
this is my opinion just to know im not specialist in this but this is the way i see the things comment and like dislike just to keep it interesting !


O and sorry for my poor English !
And the Website is awesome !!!

 

[_CyberGhosT_]

how does deeparmor differ from the heuristics component found in many AV suites?

That's a very long post, have you actually went to the site and did the homework ?
Before I signup for any Beta I know all I can about the product, it's a testers duty.
Home Site: Home - SparkCognition Inc
DeepArmor: A Cognitive Approach to Anti-malware - SparkCognition Inc

 

[jamescv7]

@shmu26: AI serves as a form of scratch analysis base without relying on signatures; therefore from the first place it can provide erroneous detection; however once the information collected thus lesser issues.

Heuristics is more relying on generic base detection, matching the same like behavior malicious code through numerous suspected programs.

 

[SHvFl]

So just for info they send beta only to people registered with a company email(no clue how they define company email when everyone can get a personal domain). They don't allow gmail, yahoo or outlook.
So just so i understand you all gave your company email to get access to this beta?
@shmu26 @_CyberGhosT_ @Mike Forgione

This seems beyond stupid practice to me. I am not going to give the company email to do personal beta testing. Work email is for business related stuff and also usually has the name of the user. So that's a terrible privacy practice to follow.
What is the logic behind your demand? @sarah_at_spark

 

[ZeroDay]

I've received an email from Deeparmour stating I need a company email address for my application to be a beta tester.

I don't have a company email address and I feel like I'm being made to jump through hoops to help a company beta test their software for bugs etc in my own spare time.

 

[Raheel99]

So just for info they send beta only to people registered with a company email(no clue how they define company email when everyone can get a personal domain). They don't allow gmail, yahoo or outlook.
So just so i understand you all gave your company email to get access to this beta?
@shmu26 @_CyberGhosT_ @Mike Forgione

This seems beyond stupid practice to me. I am not going to give the company email to do personal beta testing. Work email is for business related stuff.
What is the logic behind your demand? @sarah_at_spark

I have received their confirmation email to my gmail address. May be they have now changed email policy for beta tester.

 

[ZeroDay]

I received an email to my gmail address too but that email is requesting I use a company email to test beta software on my private machine. As I said above I feel like I'm being made to jump through hoops to help THEM test THEIR software.

 

[SHvFl]

I have received their confirmation email to my gmail address. May be they have now changed email policy for beta tester.

Thanks. I assumed that would have been the case.

I received an email to my gmail address too but that email is requesting I use a company email to test beta software on my private machine. As I said above I feel like I'm being made to jump through hoops to help THEM test THEIR software.

Same. Why does it matter if i use the company email and in what place does company email is for personal use. Even if the boss doesn't care company email is usually personalized with the user name. So now they also want my name to test their software. I will pass and they can figure this out on their own.
This policy is ridiculous. It's close to Cylance ridiculous.

 

[ZeroDay]

Thanks. I assumed that would have been the case.


Same. Why does it matter if i use the company email and in what place does company email is for personal use. Even if the boss doesn't care company email is usually personalized with the user name. So now they also want my name to test their software. I will pass and they can figure this out on their own.
This policy is ridiculous. It's close to Cylance ridiculous.

I agree I will not be proceeding with helping them test their software now.

 

[enaph]

I have also received the same email just a few minutes ago, so thank you SparkCognition, but I won't give you my business email because it looks like a shady pratice to me. I was willing to test the software and help the company but no way!