Cylance for Home and SMB via Malware Managed - Testing

For regression testing and promotion testing Wilders is not very useful, since this can be done by people specialized in these testing methods with in insight knowledge of the product being tested.

For exploration testing this forum is a useful community, since the more different views on software and its usage, the more corners of the software will be explored. For penetration (pen) testing against live malware, my guess is that at Cruelsister hints at MalwareTips where members can ask for software to be tested against malware packs (is forbidden at Wilders).

At that forum a lot of Members are active as "youtube" testers. When your software is monkey proof and it performs well, you tube testing is a great marketing mechanism (because the test is from another user, a fellow consumer, which is trusted since it is based on real user experience, not vendor claims of vendor sponsored tests).

 

Ohhh, gotcha Kees... I was thinking more along the lines of developing the gui. BTW, I did not realize that type of testing was completely forbidden at wilders, I will be very careful from now on, thank you! .

 

Yes for GUI refinement, exploration testing is very useful. Since Cylance has no GUI, this forum is of little use to them (zero as I understand from their response).

I have to correct myself youtube references of amateurs are forbidden, developers/vendors are allowed to post youtube references to proof their claims (of their own products). So you are probably allowed to post and I am not.

 

i totally agree with you.

so what are they? salesmen ? i will be rude but here most doesn't care of salesmen speeches, they can say whatever they want , no trial = no verification of their claims...we want solid facts, not hearsay.
Your product ( Voodooshield) claims to do things , but at least we can test it to see if it is legit. With Cylance are we supposed to drink they words blindly while opening our wallet with a big smile ?

how can we ask for changes/improvement/better usability when we can't even test-run the said product. All major vendors have some way of letting potential customers to try their product , even Appguard (mainly focused on business market) has a trial version; even better NVT gives free beta version !

So they are just resellers ? if yes pointless.

i dont see it happening , the word "business, purchase, buy " appears too much in their replies.

Thx for your inputs.

 

Cool... I was just thinking that since MM relies on Cylance and the AV testing labs for efficacy testing on their infinity engine, that MM would be less concerned with that and more concerned with developing a gui for the consumer and smb.

Either way, I need to review the guidelines on wilders... I have not looked at them for 4+ years... that was many beers ago . Thank you!

 

Even now we implementing some tighter rules to make the said pen-testings results more "accurate and legit" .

 

Honestly, I think it is all just a big misunderstanding, and I think everyone is right. You brought up some killer points and I pretty much agreed with everything that you said, but sometimes text comes across a lot more harsh than what you intended. For example, I spoke with Dan and Joel throughout the weekend to help them get antiquated with wilders, and to let them know my first impressions of the software and what I found. I think it was Dan's first post on here... it did not sound like him at all. I mean, I knew what he was saying, but it did not come across well. It happens to me all the time, so I am used to it .

I believe they are ultimately resellers (although I was confused because they were definitely doing some tech stuff as well, so we can ask them)... but either way, it might work out so that MM can provide the feedback from you guys to Cylance to improve the product for home and smb. If it does not work out, it does not work out, but I think everyone should take a deep breath and see if it makes sense to work together to try to improve Cylance for home and smb.

Thank you!

 

Yeah, that's a good idea. Otherwise there might be a 19 year old Chinese boy making a youtube video where he thinks that he bypassed a certain security product, when in reality he was completely wrong . Not that anyone from malwaretips or wilders posted that... I am just saying . Thanks again!

 

yes we really knows about that

That may explain things. If it is the case i think an official of Cylance (like Public Relation dept. or dev ) with technical knowledge of the product should also be here.

Yep it happened before and we want avoid that; wouldn't be nice to our reputation (and for the vendors) especially since we are quite well-know now.

 

Hehehe, sometimes it does get a little difficult to code 16 hours in a day and then try to be coherent online .

Yeah, but I think they do a lot of the tech stuff as well... mainly Joel. Maybe they will give everyone a little more insight.

Yeah, if something is true, then it is true... you fix it and move along. But when something is not true, that is not cool .

 

Cylance is one of those products that may actually rather difficult product to test and get results that are of value in a production environment. Tests done by either a well established Testing Organization or by the 19 year old Chinese kid are invariably biased. By bias I mean that the tester is always well aware if the samples used in the test are malicious (for the malware portion) or benign (for the false Positive portion). This invariably leads to predetermined responses that although seemingly valid for the test may have no applicability in the scenario when the validity of the file is actually unknown (bias is common in whatever tests one can imagine- the Pharmaceutical industry tries to minimize it by conducting "Double Blind" studies where a drug is tested against a placebo, the identities of either being unknown until the conclusion of the test).

In a typical testing environment Bias isn't considered- the results for both FP's and malware detection are just jotted down and presented. In the real world, however, we don't know if a detection is real (malware) or imagined (FP) so production must be shut down while things are sorted out either my an extensive check of certificates or by running the questionable file in a virtual environment (which would present its own problems). A further issue is the diversity of malware used in a test. A given product may be superb aaginst things like Zbots and Ransomware but may be of little value against packed samples (FP's come in to play here) or file-less intrusions.

In short, a valid testing protocol would seek to resolve the above issues, but so far neither the Pro Testers nor the 19 year old Chinese kid seem willing to do this.

 

The analog with a medicine is completely of.

With medicine the placebo effect has to be ruled out, hence an A-B test with a placebo to measure the effect of a medicine over a placebo (because the medicine itself has a placebo effect also).

Nice story though.

 

Actually Double Blind studies (including Placebo controlled studies) are specifically set up to prevent Bias, which was the topic of my post. (Guess I went a bit into the weeds...)

 

Lots of info on Spiceworks: https://community.spiceworks.com/pages/cylanceinc

Cylance CEO Addresses Recent Reports
https://community.spiceworks.com/topic/1602284-cylance-ceo-addresses-recent-reports

 

lot of blabla mostly , they say and i quote:

Indeed i trust no one, it is why on my main machine, i only use anti-executables on lockdown and virtualization apps (which i have full control) , safer to me than any AV engines or pseudo-fancy-named "AI"
(as if we can call it an AI...)

at least i can test other vendors , but cannot with Cylance.

 

I thought it sounded quite funny myself.

 

It's a bit confusing, so Malware Managed hasn't got any ties with Cylance? So they basically are a third party reseller? I wonder why Cylance isn't releasing a consumer version version of their software.

 

For 60 bucks it needs to have a trial.

 

Yes I suppose so, but you also need to have a certain trust in your product. If it's really that good, it shouldn't cause too many problems.

 

Peter old buddy old pal do you think we should merge the two threads?
Did you look at my post about Dell? They are incorporating it in their end point security offer.

 

Ok thanks man

 

FWIW, after some issues with first install of mm_cylance on XP (currently uninstalled), today I installed it on my win7x64 at my day job desk. Went smoothly. running alongside 2016 KIS. I told KIS to trust cylance and not to monitor it. mm said it takes about 24 hours for system to "adjust." (scanning all the files?) I encountered no problems, I did see system "hesitate" occasionally opening a file, but no biggee and I expect that will calm down. mm also said they expect to have a home_user console sometime in July. That may change how many of us have been considering it(?) The outside management of the win7 I installed it on today, is of no concern to me due to how that pc is used.

boredog, you're running cylance, correct? what's your experience?