SparkCognition DeepArmor

Status
Not open for further replies.

Mike Forgione

Level 1
Thread author
Apr 2, 2016
6
I was chosen as a Beta tester for Spark Cognition's AI AntiMalware. Has anybody heard about this? I am running it currently on a production machine because it is failing to install on my VMs. Is anybody getting similar issues? Also I found that it does NOT flag the Eicar test virus.
 

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
Never heard about this.

You was chosen as a beta tester ?
- How did you heard about them ?
- Why did they choose you ? Just after you have signed up ?

I though every security tools may pass the Eicar test virus.
- As a beta tester, have you reported them this "issue" ?
- Have you tested with some other basic virus / malware tests ?

You are running this beta tool on a production machine :
=> I hope you have made some backups of your system, data :eek:
 
Last edited:

OokamiCreed

Level 18
Verified
Honorary Member
Top Poster
Well-known
May 8, 2015
881
Probably doesn't detect the eicar test file because there is no signatures used in this. Probably geared toward behavioral and since eicar is considered a legit DOS program, it is not malicious and would not be caught if you were able to run it.

Never heard of this company or software. I might be interested in trying the beta however they need too much information (specifically phone number is a bit much) and I typically only try unknown software such as this in a VM. Being that 1) I do not have a VM set up 2) You say it doesn't run in a VM, so I will wait.
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Never heard about this.

You was chosen as a beta tester ?
- How did you heard about them ?
- Why did they choose you ? Just after you have signed up ?

I though every security tools may pass the Eicar test virus.
- As a beta tester, have you reported them this "issue" ?
- Have you tested with some other basic virus / malware tests ?

You are running this beta tool on a production machine :
=> I hope you have made some backups of your system, data :eek:
Yeah he signed up for the beta program, I follow Spaskcognition on Twitter, they seem to be a promising
company, I sent their staff an email about MalwareTips inviting them to stop by and search for quality beta testers here ;)
 

sarah_at_spark

Level 1
Sep 20, 2016
3
I was chosen as a Beta tester for Spark Cognition's AI AntiMalware. Has anybody heard about this? I am running it currently on a production machine because it is failing to install on my VMs. Is anybody getting similar issues? Also I found that it does NOT flag the Eicar test virus.

Hi Mike, sorry to hear about the issue you had installing DeepArmor in a VM. We do support running it in a VM as it is a primary mechanism for testing the protection in a "sandbox" environment.

Our support team is working to address the issue you encountered and we will update the DeepArmor client installer with a fix soon.

Also, with respect to the EICAR test virus, our development team had the following to say about it:

DeepArmor is signature-free so by nature does not alert on the EICAR test virus as no real malware incorporates their signature (i.e. they do not wish to be caught because of the EICAR signature).

The EICAR test virus is not actually a virus at all (and contains no viral components) per the information provided at the following URL:
Intended use ° EICAR - European Expert Group for IT-Security

DeepArmor instead is "trained" using cognitive algorithms on hundreds of thousands of real malware samples (and clean files) in order to predict (with some confidence interval) a new encountered file as either "malware" or "benign".

As the EICAR test virus is ultimately a benign Windows portable executable, DeepArmor will not alert against it.


Probably doesn't detect the eicar test file because there is no signatures used in this. Probably geared toward behavioral and since eicar is considered a legit DOS program, it is not malicious and would not be caught if you were able to run it.

That is exactly right OokamiCreed! Also, I spoke to the Marketing team and they said they would remove the phone number requirement from the sign-up.

The DeepArmor beta test sign-up is still available:
http://sparkcognition.com/a-cognitive-approach-to-anti-malware-2/
 
Last edited by a moderator:

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Last edited:

Mike Forgione

Level 1
Thread author
Apr 2, 2016
6
Never heard about this.

You was chosen as a beta tester ?
- How did you heard about them ?
- Why did they choose you ? Just after you have signed up ?

I though every security tools may pass the Eicar test virus.
- As a beta tester, have you reported them this "issue" ?
- Have you tested with some other basic virus / malware tests ?

You are running this beta tool on a production machine :
=> I hope you have made some backups of your system, data :eek:

I am not running this on a production machine any longer. I am not an idiot and I am not new to testing. I did install it on a production machine to verify I was able to get it to install on Windows 10. Also, I have many backups of my system. Yes I signed up to be a beta tester. I heard about this through my local ISSA chapter. They sent out the information last week so we could sign up for the beta.

I spoke with a few different people at Spark and found why Eicar was not picked up. Basically DeepArmor is an active install antimalware meaning it is only looking at things that are being installed not sitting on the file system. They did this for Beta because of how fast they are trying to get the product to everybody. They are looking to install this on as many workstations as they can.

Probably doesn't detect the eicar test file because there is no signatures used in this. Probably geared toward behavioral and since eicar is considered a legit DOS program, it is not malicious and would not be caught if you were able to run it.

Never heard of this company or software. I might be interested in trying the beta however they need too much information (specifically phone number is a bit much) and I typically only try unknown software such as this in a VM. Being that 1) I do not have a VM set up 2) You say it doesn't run in a VM, so I will wait.


I was able to get it running on a VM. It has a reliance on .NET framework 4.6 right now and the VM I was running wasn't updated. After I ran through all of the updates I was able to get .NET installed and DeepArmor is running currently.

Quick update on the beta...


I reached out to support regarding a couple of these issues and they are very quick to respond. I received emails back very quickly and then received a call thanking me for being active in the beta. So far it is a pretty cool piece of software. Resource usage has been very low with it running, nothing like normal AV. I have not overwhelmed the software yet with running an entire directory of malware but the one or two that I throw at it seems to be caught. I am looking forward to seeing how it does. Cylance peaked my interest a few months ago but I have not been able to get my hands on a demo yet.
 
Last edited by a moderator:

Mike Forgione

Level 1
Thread author
Apr 2, 2016
6
zLaqtxc.png


This is the console. I have only seen one alert pop up and unfortunately that was when I was legitimately trying to uninstall something, it flagged the uninstaller.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
@sarah_at_spark Any idea how long it takes to send me beta info. I registered a few days ago and not even a confirmation email.
Wow, I forgot this was here. I wonder if a admin would move my profile posts here to this thread ( @Exterminator )
Just the ones about DeepArmor.
 

toto

Level 4
Verified
Well-known
Oct 15, 2014
164
I was chosen as a Beta tester for Spark Cognition's AI AntiMalware. Has anybody heard about this? I am running it currently on a production machine because it is failing to install on my VMs. Is anybody getting similar issues? Also I found that it does NOT flag the Eicar test virus.
I tried to install it in a VM with windows 7 installed, it doesn't work on my VM either. It doesn't detect Eicar test file because it doesn't use signatures, and doesn't detect files before running them, you can't even scan files with it.
It looks very promising, but I do not know if it is stable to install it on my laptop and I have no idea if it works with Kaspersky or should I uninstall Kaspersky o_O
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top