Unmaintained WiseVector Free AI Driven Security

HarborFront said:
What features (free or paid) depend on online/offline to function?

Thanks
Click to expand...

Hi HarborFront,

The free and paid version have the same static malware detection.
HEUR.XX detection relies on local AI engine, meanwhile the more powerful Cloud AI keeps working to extract malware family signatures(Trojan.Generic, etc) . Whenever a new signature has been generated, WiseVector will get it automatically through streaming update in seconds.

As you can see, WiseVector is fully functional on offline. However, you will get more detection on online because of the streaming update.


Merry Christmas
Eason
WiseVector
 
  • Like
Reactions: CloudyDefense, vtqhtr413, DeepWeb and 5 others
WiseVector said:
Hi HarborFront,

The free and paid version have the same static malware detection.
HEUR.XX detection relies on local AI engine, meanwhile the more powerful Cloud AI keeps working to extract malware family signatures(Trojan.Generic, etc) . Whenever a new signature has been generated, WiseVector will get it automatically through streaming update in seconds.

As you can see, WiseVector is fully functional on offline. However, you will get more detection on online because of the streaming update.


Merry Christmas
Eason
WiseVector
Click to expand...
Thanks
 
  • Like
Reactions: CloudyDefense and vtqhtr413
WiseVector said:
If all goes well, WiseVector should prevent malware from running. Like screenshot below,
Click to expand...

Why do you need to inject into explorer.exe to support the on-execution feature? I really hope you aren't API hooking for this given there's an officially supported and documented mechanism to filter process creation from Microsoft in WDK (which doesn't require affecting the integrity of other people's software).

WiseVector said:
1. Yes, WiseVector can intercept the program launched by scripts. If it is malware, WiseVector will block it.
Click to expand...

Script interpreters like PowerShell are based on the .NET Framework and support Platform Invocation (P/Invoke) to the Win32 API/NTAPI. Office VBA is no exception to this either, it supports P/Invoke. You do not need to drop a Win32 PE and then use it to perform malicious operations on the machine... it is entirely optional behavior.

Can WiseVector intercept and block operations being performed by a script alone?
 
  • Like
Reactions: vtqhtr413
Hi In2an3_PpG ,

1. The officially documented mechanism is not enough. There are a lot of API need to be protected, but you cannot protect them in kernel mode with PatchGuard enabled, especially in 64 bit. Actually, many AV (Comodo for example) hooks API in user mode even when they already have a kernel mode driver. They use APC to inject dll into a new process when driver gets notification.

2. PowerShell is powerful, that's right. You can use P/Invoke to the Windows API. However, you cannot execute a PowerShell script by simply double-clicking on it. You need a loader (pe, js, vbs, etc.). That means AVs can block PowerShell malwares in the early stage.
Our idea is to automatically extract complex patterns from a program's behavior graph, and then AI will decide whether to terminate this
program at a specific point in time. The point is try not to wait until the malicious PowerShell code to run, and it will be implemented in the next version of WiseVector.

Regards
Eason
WiseVector
 
  • Like
Reactions: Handsome Recluse, vtqhtr413, Der.Reisende and 5 others
WiseVector 1.30 + W10 Pro x64 RS5 (VMWare): WV can't see hidden folders in Custom Scan:
1546191139532.png
So I can't select system folders such us C:\ProgramData\ or C:\Users\<my user>\AppData\

I would like to add WV to my malware tests here in the MalWare Hub section, and after every dynamic test We have to run on demand scans over those folders to check if malicious files where spawned/dropped there...
 
  • Like
Reactions: vtqhtr413, roger_m, Der.Reisende and 3 others
Mikesierra said:
Eason, I would highly appreciate if you could publish change logs for new WiseVector releases.
Click to expand...
Hi Mikesierra,

Thanks for your suggestion.
We have change logs on our official website in Chinese.
Chinese version of WiseVector pops notice whenever the logs are changed.
Then English version will have the same function with the Chinese version and the English website will come in the future.

Regards,
Wendy
WiseVector
 
  • Like
Reactions: Sunshine-boy, stefanos, harlan4096 and 2 others
Telos said:
Interesting. I've been casually following this thread... and all along presumed this was a new effort by Wise. Gotta agree, this is suboptimally branded as "WiseVector".
Click to expand...


Yeah.

If they retain this name, that would be an UnWise Vector...

Bwahahaaa....

Ok fine.... it's not that funny.



For non-English speakers... 'vector' can mean 'direction'
 
  • Like
Reactions: Behold Eck, Handsome Recluse, stefanos and 1 other person
raveed said:
They should improve, the program must see all hidden and system folders. I wonder if with full scan, WV scans hidden areas?
Click to expand...

Hi Reveed,

Both full and fast scan will scan hidden folders and files.
The problem in custom scan has been fixed, please update WiseVector to the lastest version V1.31.

Advance Happy New Year!
Wendy
WiseVector
 
Last edited:
  • Like
Reactions: Sunshine-boy, stefanos, raveed and 2 others
harlan4096 said:
WiseVector 1.30 + W10 Pro x64 RS5 (VMWare): WV can't see hidden folders in Custom Scan:
So I can't select system folders such us C:\ProgramData\ or C:\Users\<my user>\AppData\

I would like to add WV to my malware tests here in the MalWare Hub section, and after every dynamic test We have to run on demand scans over those folders to check if malicious files where spawned/dropped there...
Click to expand...

Hi harlan4096,

Thanks for your feedback.
The problem in custom scan has been fixed, please update WiseVector to the lastest version V1.31.

Advance Happy New Year!
Wendy
WiseVector
 
Last edited:
  • Like
Reactions: stefanos, raveed, harlan4096 and 2 others
WiseVector said:
Hi Burrito,

We don't know there are so many names from one company similar with WiseVector and WiseVector has no connection with them indeed.:emoji_cold_sweat:
WiseVector has been registered already by our company, so this name will be kept.

Regards,
Wendy
WiseVector
Click to expand...


Hi Wendy,

Thank you for your response.

Very good then.

And I hope WiseVector does great..


Your Pal,

-Burrito
OtherVector
 
  • Like
Reactions: Behold Eck, harlan4096 and vtqhtr413
Burrito said:
Yeah.

If they retain this name, that would be an UnWise Vector...

Bwahahaaa....

Ok fine.... it's not that funny.



For non-English speakers... 'vector' can mean 'direction'
Click to expand...
Vector in English can mean both direction and destination
Burrito said:
OtherVector
Click to expand...
This is a name suggestion? Not bad.
 
  • Like
Reactions: Behold Eck, stefanos and Burrito
@WiseVector What advantages this product has among other similiar like in the security product market, why would users use it, what's so revolutionary exciting about it? What is the plan how to increase the userbase, and will the priority for english users will be the same as for the non-eng customers? Where do you see your companies future in few years if it'll still be around? Thanks.
 
  • Like
Reactions: harlan4096 and roger_m
@WiseVector: 2 more things (using WV 1.31):

1.- WV can't scan/follow a folder shortcut, tried with mouse left button setting -> Scan with WiseVector.

2.- When You start a custom scan with mouse left button setting -> Scan with WiseVector, the scanning window showing the process is not opened automatically, I had to click over the WV icon in Windows taskbar to open it.

Thanks!
 
  • Like
Reactions: vtqhtr413, JM Safe, raveed and 1 other person
How about the name "NewVector" instead? By the way, if these people are this responsive, this software will become a very good product soon hopefully. I remember the early days of OSArmor and look how good it is now.
 
  • Like
Reactions: vtqhtr413 and Burrito

You may also like...