Cylance Smart Antivirus for Home users

Discussion in 'other anti-virus software' started by mekelek, Jul 12, 2018.

  1. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Gotcha. I would not mind checking it out. But am curious about protection etc.
     
  2. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    No lol.
     
  3. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    1). For any that are interested in Cylance and malware used in certain tests, check out:

    https://arstechnica.com/information-technology/2017/04/the-mystery-of-the-malware-that-wasnt/

    2). Don't know if any out there remember the worldwide (well, US, Australia, and NZ anyway) Dog and Pony show Cylance put on in 2015-6 (The Unbelievable Tour), but at these meetings Cylance would first demonstrate how their product dealt with malware that Cylance provided, but also on things that Attendees were requested to bring on Flash Drives. As the show I attended had an especially rough crowd, things did not go so well (for C) and they certainly had to give out a number of Apple TVs (still have one in my closet for a PS script that was able to beacon at 10 second pulses).
     
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Problem is, how is anyone to know whether a given security product is equal to or better than its competitors' security products? So far I have found no alternative to reading test results -- except, of course, for buying & trying (which is a bit of a crap shoot, right?). So... would someone here be a nice person & install this AV, then visit lots of black-hat forums, & post taunts, & flame the other posters? Then report test results here -- if you still have a functional computer.

    But seriously, folks... the AI concept behind Cylance intrigues me & I would like to buy & support any honest effort to find new & better concepts for letting anybody's granny freely surf the net without getting her computer messed up.

    So then -- IF tests are useless (I say this hypothetically) then HOW does an "average home user" (me, for instance) select a viable AV? I ask that question, not to start arguments, but because I really want an answer. Is there one?
     
  5. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
  6. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Uhh... you watch TV in your closet? (just kidding). But seriously... as to your PS script, evidently Cylance couldn't catch it. Was there, at that time, any mass market security app that COULD catch it? (By the way --- very informative article. 10Q for linking it!)
    ~~~~~~~~~~~~~~~~~~~~
    ~ Comments Removed from Quoted Post Due to Copyrights ~

    @ Azure Phoenix... interesting article. ESET seems a bit upset by SOMEone's claims re AI in an AV. Reminds me of a line by the computer, HAL (see note), in 2001, a Space Odyssey...

    on Dave's return to the ship, after HAL has killed the rest of the crew......
    HAL: Look Dave, I can see you're really upset about this. I honestly think you ought to sit down calmly, take a stress pill, and think things over.

    NOTE: HAL = Heuristic ALgorithmic computer
     
    Last edited by a moderator: Jul 18, 2018
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Bellgamin

    To answer a couple of your questions. I pay no attention to tests, actually the only software I use is from vendors whom I trust. I use EAM because I trust the people behind Emsisoft. Same reason I use Appguard. Also I've done a lot of my own testing so I know what I've done.
     
  8. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Actually with this one most could. Cylance had issues with PS scripts (as well as stuff utilizing cmd.exe) at that time. My friend submitted one much more complex that raised a User's privilege by injecting into and spawning a false Cylance Service with a subsequent malicious dll loading. It's not that we were trying to be Obnoxious ******* on purpose, but we had heard about the testing done on previous "Unbelievable Tour" shows (they ran C against SEP, McAfee enterprise and one other that I forget). In all cases Cylance had like a 100% detection rate against malware that was provided by Cylance, whereas the others got 50% or (much) less. As both of us hated to be considered idiots we thought nastiness on our parts was justifiable (also got T-Shirts in addition to the stupid Apple product).

    But anyway, in the article I referenced that malware pack used in the Tour is what was being discussed. Sadly this was about 6 months after the Tour finished.
     
  9. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    So it appears that this product is not all that and a bag of chips.
     
  10. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    @cruelsister

    You said
    "Cylance had issues with PS scripts (as well as stuff utilizing cmd.exe) at that time."
    Does that mean they have improved and don't have the issue now?
     
  11. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    I had to ask for the strictest policy with CylancePROTECT to get good results, which had all scripts blocked instantly. So yes, it's still weak against scriptors.
     
  12. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Ok. Thanks for the info.
     
  13. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    The specific flaw that I used was indeed fixed about 2 months later. But as Mekelek stated, C still in general has issues with Scriptors (esp. Python)- but again which products don't (well, CF does not, but I'll refrain from writing that as I don't want to come across as a FanGirl...)?

    However the mechanism that my friend used was not. She did email me earlier this year (like March) and said that the service hijack flaw also was fixed, but this was about 2 years after it was brought to their attention.

    To be fair I must admit that I've not had the desire to do current Penetration testing of C. However I will say that although the product does have Artificial Intelligence, it never seemed to me that its IQ was very high, if you catch my drift...
     
  14. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    362
    You can always use it in conjunction with a signature based AV, it does not work with some AVs but I was able to run it with Kaspersky without any conflicts and no noticeable slow downs.

    I was using the regular version of Cylance, not the home version, and had basically only read access to the dashboard so I was not able to waive or allow anything and that caused problems with some updates, particularly driver related ones, so I removed Cylance from my scheme, for now anyway.
     
  15. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    Well, you have full control over this home version, so you might give it another go.
     
  16. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    I'd rather not do that.
     
  17. hawaii007

    hawaii007 Registered Member

    Joined:
    May 20, 2018
    Posts:
    27
    Location:
    Hawaii
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Guess this pretty much sums it up:
    The lack of web filtering methods in most of the AI based products is pretty much their "Achilles heel."
     
  19. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    362
    True, but you can use apps like Hitman Pro Alert and Heimdal Pro along with Cylance to fill that void.
     
  20. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    or it's perfect with a Comodo Firewall setup
     
  21. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    219
    That's honestly one of the reasons I like their product. The anti-malware system shouldn't be touching my web traffic at all.

    "It still matched the top score among products tested with my current malware collection. Cylance and F-Secure Anti-Virus are tied with 9.3 of 10 possible points."

    Whatever you think about the company's advertising practices, it's managing to provide a similar level of protection without installing a toolbar into your browser, or ruining your SSL/TLS security like Kaspersky, ESET, Avast:
    https://www.bleepingcomputer.com/ne...n-kasperskys-https-traffic-inspection-system/
     
    Last edited: Jul 19, 2018
  22. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    True, but with Comodo Firewall properly configured, you don't need anything else.
     
  23. hawaii007

    hawaii007 Registered Member

    Joined:
    May 20, 2018
    Posts:
    27
    Location:
    Hawaii
    I am running
    PC1. Cylance Smart Antivirus +, Comodo Firewall 10 (CS) + HeimdalPro
    PC2. WFW + Cylance Smart Antivirus +, Hitman Pro Alert + HeimdalPro

    Both setups run smooth and light with no conflicts.
    PC1 setup a bit faster
     
  24. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    That 2nd setup is too weak for my taste; the first is nice.
     
  25. hawaii007

    hawaii007 Registered Member

    Joined:
    May 20, 2018
    Posts:
    27
    Location:
    Hawaii
    Just testing it out on the family PC; will change to match PC1 setup in the future as I like that better.
     