SparkCognition DeepArmor

Status
Not open for further replies.

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
I have an idea, if she can help it wont be based here in the thread, all the MalwareTips members that signed up should PM her your Email addresses
that you used to signup for the beta program with ;)
Yeah, that's what i plan to do if she is up to it. Didn't want to straight up annoy her over pm because she might not want/can do anything.
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
I tried to install it in a VM with windows 7 installed, it doesn't work on my VM either. It doesn't detect Eicar test file because it doesn't use signatures, and doesn't detect files before running them, you can't even scan files with it.
It looks very promising, but I do not know if it is stable to install it on my laptop and I have no idea if it works with Kaspersky or should I uninstall Kaspersky o_O
That test won't work and for good reason, that test does not contain any malware plain and simple. ;)
I would remove Kaspersky seeing this is a beta and a traditional sig based AV is going to interfere
with it at some level, but lets see what Sarah thinks.
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
yeah !!
it basically doesn't run and try to harm the system, which basically is what deeparmor protects.
Ok, but it is looking for Malware algorithms which that test does not contain, your running a test designed for "sig based" Av's
It will never work for DeepGuard
::EDIT::
From DeepArmor
Why doesn’t DeepArmor alert on the EICAR test virus?
DeepArmor is signature-free so by nature does not alert on the EICAR test virus as no real malware incorporates their signature (i.e. they do not wish to be caught because of the EICAR signature).

The EICAR test virus is not actually a virus at all (and contains no viral components) per the information provided at the following URL: http://www.eicar.org/86-0-Intended-use.html

DeepArmor instead is “trained” using cognitive algorithms on hundreds of thousands of real malware samples (and clean files) in order to predict (with some confidence interval) a new encountered file as either “malware” or “benign”.

As the EICAR test virus is ultimately a benign Windows portable executable, DeepArmor will not alert against it.

I got it to trigger on the USB creator tool untbootin, here check it out :p
View attachment 119000

It for sure does not like Unetbootin lol
 
Last edited by a moderator:

sarah_at_spark

Level 1
Sep 20, 2016
3
@sarah_at_spark Any idea how long it takes to send me beta info. I registered a few days ago and not even a confirmation email.

Hey @SHvFl, @Raheel99, and @shmu26, sorry for the inconvenience. I confirmed the sign-up page does not generate a confirmation Email and have alerted my team to remedy this. As for the delay in activating the beta, I've reached out to the development team and they have provided the following response:

There are a few factors that contribute to the delay but the primary reason is as follows:

The DeepArmor cognitive models execute in the cloud and provide a "cognitive threat confidence" as a microservice. The Windows client is simply a "client" that makes requests to the cloud service. Thus, in order to monitor and manage the costs of hosting the "free" beta, the IT team staggers beta tester activation into groups based on server load.

We apologize for the delay and very much appreciate your sign-up and interest in helping us test DeepArmor!

I tried to install it in a VM with windows 7 installed, it doesn't work on my VM either. It doesn't detect Eicar test file because it doesn't use signatures, and doesn't detect files before running them, you can't even scan files with it.
It looks very promising, but I do not know if it is stable to install it on my laptop and I have no idea if it works with Kaspersky or should I uninstall Kaspersky o_O

DeepArmor is supported on Windows 7, running in a VM or on physical hardware. Please feel free to reach out to the support team 'deeparmor@sparkcognition.com' for help and include any error messages, etc. you see. DeepArmor should play nicely with Kaspersky and SparkCognition, Inc. does not recommend uninstalling your traditional AV. Please let the support team know if you encounter issues with DeepArmor running side-by-side with your signature-based AV.

Signature-based detection plus cognitive-based detection equals better threat coverage!
 
Last edited by a moderator:

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Hey @SHvFl, sorry for the inconvenience. I confirmed the sign-up page does not generate a confirmation Email and have alerted my team to remedy this. As for the delay in activating the beta, I've reached out to the development team and they have provided the following response:

There are a few factors that contribute to the delay but the primary reason is as follows:

The DeepArmor cognitive models execute in the cloud and provide a "cognitive threat confidence" as a microservice. The Windows client is simply a "client" that makes requests to the cloud service. Thus, in order to monitor and manage the costs of hosting the "free" beta, the IT team staggers beta tester activation into groups based on server load.

We apologize for the delay and very much appreciate your sign-up and interest in helping us test DeepArmor!
Ok that makes sense and even makes the program more interesting. Thanks for the info. Guess i will wait.
 

Mr.NoName

Level 4
Verified
Feb 5, 2016
163
how does deeparmor differ from the heuristics component found in many AV suites?
As i see this program is not that AI than any other but it's not even Heur based we cannot talk about A.I here because there is not low for what is the meaning for A.i like (A.I need to have some basic requirements like take alone decisions and have implemented self learning algos and many more like form something that is very little to something that is huge like recognition ) so as i see and i know this is not even close то something called artificial intelligence just my advice to the DEV is to read more books before making something stupid ......
just to have some idea that this one is good like program i like the idea but need to get lot more work and exp. to make it real on this stage this is prototype i think very very early prototype "that why they call it beta preview " good luck with the prototype and we expect more to DEV's !
this is my opinion just to know im not specialist in this but this is the way i see the things comment and like dislike just to keep it interesting !


O and sorry for my poor English !
And the Website is awesome !!!
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Last edited:

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@shmu26: AI serves as a form of scratch analysis base without relying on signatures; therefore from the first place it can provide erroneous detection; however once the information collected thus lesser issues.

Heuristics is more relying on generic base detection, matching the same like behavior malicious code through numerous suspected programs.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
So just for info they send beta only to people registered with a company email(no clue how they define company email when everyone can get a personal domain). They don't allow gmail, yahoo or outlook.
So just so i understand you all gave your company email to get access to this beta?
@shmu26 @_CyberGhosT_ @Mike Forgione

This seems beyond stupid practice to me. I am not going to give the company email to do personal beta testing. Work email is for business related stuff and also usually has the name of the user. So that's a terrible privacy practice to follow.
What is the logic behind your demand? @sarah_at_spark
 
Last edited:

Raheel99

Level 1
Verified
Sep 15, 2016
31
So just for info they send beta only to people registered with a company email(no clue how they define company email when everyone can get a personal domain). They don't allow gmail, yahoo or outlook.
So just so i understand you all gave your company email to get access to this beta?
@shmu26 @_CyberGhosT_ @Mike Forgione

This seems beyond stupid practice to me. I am not going to give the company email to do personal beta testing. Work email is for business related stuff.
What is the logic behind your demand? @sarah_at_spark

I have received their confirmation email to my gmail address. May be they have now changed email policy for beta tester.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
I have received their confirmation email to my gmail address. May be they have now changed email policy for beta tester.
Thanks. I assumed that would have been the case.

I received an email to my gmail address too but that email is requesting I use a company email to test beta software on my private machine. As I said above I feel like I'm being made to jump through hoops to help THEM test THEIR software.
Same. Why does it matter if i use the company email and in what place does company email is for personal use. Even if the boss doesn't care company email is usually personalized with the user name. So now they also want my name to test their software. I will pass and they can figure this out on their own.
This policy is ridiculous. It's close to Cylance ridiculous.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Thanks. I assumed that would have been the case.


Same. Why does it matter if i use the company email and in what place does company email is for personal use. Even if the boss doesn't care company email is usually personalized with the user name. So now they also want my name to test their software. I will pass and they can figure this out on their own.
This policy is ridiculous. It's close to Cylance ridiculous.
I agree I will not be proceeding with helping them test their software now.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top