Cylance for Home and SMB via Malware Managed - Testing

"Note: MPS subscriptions are single use and assigned to one device"

http://www.malwaremanaged.com/

@ US$60 (82.83 Australian Dollar) that is quite expensive when you have more than one machine - and no trial, nar forget it!

 

I know there's deals out there, & I sometimes get a free license, but I was VERY surprised to received a 2-week advance email notice that the US based av on my win10 laptop is about to expire and will be auto-renewed for $98 US. Ugh! No way, & I know I did not pay $98 for the first year. Remote chance the email is spam, (JUST CONFIRMED that email IS SCAM/SPAM! -- looks real, even the links!! (I would rather pay $60 for mm_cylance based on its performance on my win7 the past 3 days and its promise of continued next-gen av protection)(actually, I have not used mm_cylance enough to say it's really worth $60, I guess I do like the idea of it, I must be a math nerd ) Hope this post still makes some sense after the edit re the scam/spam email

 

"boredog, you're running cylance, correct? what's your experience?"

So far so good. Only issues I know of is it had a conflict with WinAntiRansom Plus. WinAntiRansom would stop the install without warning. I found if I disabled WinAntiRansom Plus's protection the Cylance install went fine.
The other thing Cylance does is turns off Windows Defender.
I did a work around for that. Cylance support said the work around was fine and would not effect Cylance.


From Admin Command prompt:

CD..
CD..
cd Program Files/Cylance/Desktop
CylanceSvc.exe /unregister


I must say Clylance support has been great !!!

It did find and remove some software that came on my PC from Dell NEW!!!
I posted that somewhere in one of the two threads.

 

"mm also said they expect to have a home_user console sometime in July"

Maybe they should add that to their web site?

 

All new Customers get an invitation to their own Console when they sign-up for one of our Cylance PROTECT subscriptions. This allows the Customer to waive or quarantine any file.

 

Could you give a screenshot of this console somewhere? I'm interested to know what happens if Cylance detects a suspicious/unknown process. Does it block and unblock it in real time or does it submit the file to your servers? What happens if a user accidentally allows an unwelcome process; is it subsequently detected as malicious or is it allowed to run without further detection?

 

faircot, it adds the exe file name to the user console, and the file remain on your computer but does not allow access until you waive the file.

 

this is what you see if you click on your user icon in the tray.
the first two exe's were put in quarantine because they were not signed and are from a new av people are testing here.
they last one antitest.exe was from a test file and I can't remember which security vendor published it at this time.

 

Thanks for this (and your next post, too), boredog. From what you've posted, I can't see any way to accept/reject a flagged or quarantined file, or an explanation for Cylance quarantining it. It doesn't look like much of a user console to me.

Appreciate your time in replying.

 

faircot

the screen shot is only the gui on your computer not the online user console.

 

here is a partial screen from the online console. this is where you would waive a file.

 

Thanks, boredog. As others have said here it would be useful if Cylance and its resellers would be more open about the details of their product; that would stop people like me asking stupid questions .

As a sample of one I don't think I'm prepared to invest in a product that asks it to "trust us" cos I just don't.

 

If i understand this correctly you have to logon to a console via your browser to be able to remove for example an FP?

 

Sir yes sir

 

faircot

If someone asks a question and I can answer it I will even though every one that posts about Cylance seems to be Cylance haters.

I thought I saw a post from MM ( not cylance main company)the other day mentioning they are offering free trials? I think some people think cylance and MM are the same.

 

Well, maybe the attitude of malwaredan who started this thread and huffed off because he couldn't or wouldn't answer legitimate questions about this product has something to do with that!

 

Ok. So how does this work if your internet is cut off by a Cylance FP?

You seem a bit defensive, from a neutral standpoint.....i do not use it...having followed threads about them. Cylance seem borderline deceptive and reports of threats of lawsuits against resellers who made Cylance available for testing which btw showed a less than stellar perfomance creates IMO the picture of someone trying hard to quash the truth coming out. My question would be: Why do that if you have nothing to hide and you are as good as you claim to be?

Just my 2 cents.

 

once again I will say I think some people think cylance and MM are the same. MM is not Cylance , they only sell their product.

 

I think everyone here understands that, it is however just a matter of where you buy it from. The product is the same, the detection rate is the same and the fact we as home owners have to buy via MM does not change anything.

 

Did you take Joel from MM up on his offer for a trial?

https://www.wilderssecurity.com/threads/14-cutting-edge-firms-funded-by-the-cia.388765/#post-2624286

post 11 from MM

 

@Sir Percy asks: "Ok. So how does this work if your internet is cut off by a Cylance FP?"
That's an interesting question and I'll try to answer it.
Cylance PROTECT doesn't stop connections at the (TCP|UDP)/IP level, it can quarantine portable executable (PEs, DLLs) and it can block memory processes from performing illegal operations like stack-pivots or allocating remote memory (among others) - having said that, if your computer was disabled (for some reason) you could probably use your smart phone or a tablet device to access the Console if needed.

By the way, Cylance conducts free demos regularly (online) and was recently recognized for playing a pivotal role in stopping and remediating the malware that caused the OPM breach.

 

Before anyone buys this Cylance product I would strongly advise people to read their privacy policy.

They clearly state

That's right they will sell you out to law enforcement at the first sign of trouble. You have zero privacy when using Cylance.

Now they have your system data, what applications you use, what operating system, and what vulnerabilities your system has.

I'm all for new technologies but when a company is so closely in bed with law enforcement I just want to vomit.

 

FWIW I found MM to be helpful and fair. I run MM cylance on my day job win7x64.

 

They are funded by the CIA, so it is expected lol

 

and the CIA are bad people ?