Cylance Questions
-
@scottalanmiller IIRC, Vipre effectiveness dropped considerably after they were sold to GFI.
-
@Danp said in Cylance Questions:
@scottalanmiller said in Cylance Questions:
I don't think we've had a single infection with either Webroot or Vipre for eight years or more!
Ditto for us since switching to Webroot. With Vipre, we had several infections slip through via drive by downloads.
At my last job we ran Vipre. Worked really well until it became GFI Endpoint protection or whatever it was. Then we got hit with a bunch of zero days etc. Moved to Webroot and, when I left at least, there was not a single new infection.
-
@Danp said in Cylance Questions:
@scottalanmiller IIRC, Vipre effectiveness dropped considerably after they were sold to GFI.
That's around when we left them.
-
@coliver That mirrors my experience as well.
-
Wow! A lot of hate thrown at ESET. I must be lucky because in the 5 years I've been using it, I haven't seen a single threat get through.
-
@Jstear said in Cylance Questions:
Wow! A lot of hate thrown at ESET. I must be lucky because in the 5 years I've been using it, I haven't seen a single threat get through.
We were outright scammed by them. We consider them a criminal entity, not just a bad vendor. They are blacklisted here and not allowed to be deployed, period. They actually tried to steal from us and our customers. We lost a fortune dealing with them and will never, ever do business with them unless they can provide solid documentation of their staff involved being fired and charges filed against them in court. They've failed to do so, we are considering the issues to be institutional and not something that can be fixed as it is just what the company is.
This is exacerbated by the fact that they are a security vendor so even more critical that they be ethical and trustworthy. You should never let an ESET rep in the door, let alone their software on your systems.
-
I tested out Cylance to see if it was as great as everyone says it is, but it was basically Webroot from what I could tell. The biggest issue I had with it was I couldn't do much management. I had to send most requests to the dealer I was getting the trial from. They said that was going to change in the future though.
-
@Jstear said in Cylance Questions:
I must be lucky because in the 5 years I've been using it, I haven't seen a single threat get through.
ESET themselves are the threat.
-
@scottalanmiller said in Cylance Questions:
@Jstear said in Cylance Questions:
Wow! A lot of hate thrown at ESET. I must be lucky because in the 5 years I've been using it, I haven't seen a single threat get through.
We were outright scammed by them. We consider them a criminal entity, not just a bad vendor. They are blacklisted here and not allowed to be deployed, period. They actually tried to steal from us and our customers. We lost a fortune dealing with them and will never, ever do business with them unless they can provide solid documentation of their staff involved being fired and charges filed against them in court. They've failed to do so, we are considering the issues to be institutional and not something that can be fixed as it is just what the company is.
This is exacerbated by the fact that they are a security vendor so even more critical that they be ethical and trustworthy. You should never let an ESET rep in the door, let alone their software on your systems.
Is there a post or blog that you have written about this incident? I'm curious to learn more.
-
@Jstear said in Cylance Questions:
I tested out Cylance to see if it was as great as everyone says it is, but it was basically Webroot from what I could tell. The biggest issue I had with it was I couldn't do much management. I has to send most requests to the dealer I was getting the trial from. They said that was going to change in the future though.
I've not heard of anything that really differentiates them from Webroot (other than costing way more.) They describe this awesome way that they work, but Webroot describes that way too. So not sure how much different they are. They had a session at SW last year but blew it big time - which was not really their fault and they've apologized and explained about that and that's all fine, but they had an opportunity to explain what made them different and failed to do so. They sound like a good option, but with Webroot at there, more mature, at a fraction of the price, I've not heard a compelling argument for Cylance's value proposition other than providing an alternative.
-
@scottalanmiller said in Cylance Questions:
@Jstear said in Cylance Questions:
I tested out Cylance to see if it was as great as everyone says it is, but it was basically Webroot from what I could tell. The biggest issue I had with it was I couldn't do much management. I has to send most requests to the dealer I was getting the trial from. They said that was going to change in the future though.
I've not heard of anything that really differentiates them from Webroot (other than costing way more.) They describe this awesome way that they work, but Webroot describes that way too. So not sure how much different they are. They had a session at SW last year but blew it big time - which was not really their fault and they've apologized and explained about that and that's all fine, but they had an opportunity to explain what made them different and failed to do so. They sound like a good option, but with Webroot at there, more mature, at a fraction of the price, I've not heard a compelling argument for Cylance's value proposition other than providing an alternative.
I've heard that Cylance sold their algorithm to Webroot. Whether that is true or not, I'm not sure.
-
@Jstear said in Cylance Questions:
@scottalanmiller said in Cylance Questions:
@Jstear said in Cylance Questions:
Wow! A lot of hate thrown at ESET. I must be lucky because in the 5 years I've been using it, I haven't seen a single threat get through.
We were outright scammed by them. We consider them a criminal entity, not just a bad vendor. They are blacklisted here and not allowed to be deployed, period. They actually tried to steal from us and our customers. We lost a fortune dealing with them and will never, ever do business with them unless they can provide solid documentation of their staff involved being fired and charges filed against them in court. They've failed to do so, we are considering the issues to be institutional and not something that can be fixed as it is just what the company is.
This is exacerbated by the fact that they are a security vendor so even more critical that they be ethical and trustworthy. You should never let an ESET rep in the door, let alone their software on your systems.
Is there a post or blog that you have written about this incident? I'm curious to learn more.
Probably, but it has been a long time. No idea where to find it Basically their sales staff had a kill switch on our software and would regularly kill ever ESET install we had (including customers) and turn off the AV and refuse to turn it back on to extort more money from us - which is super illegal and unethical. Not only that, for a long period of time, they had effectively gone out of business and literally couldn't turn their product back on because there was no staff working and no way to call in and get support. It was layers and layers of major problems from criminal theft, extortion, non-working phone systems, total lack of customer support, etc.
-
What is a Cylance? I see the GG's swarming the "Top A/V of 2016" thread at SW...
For some reason, I associate them with Battlestar Galactica... -
@scottalanmiller said in Cylance Questions:
@Jstear said in Cylance Questions:
I tested out Cylance to see if it was as great as everyone says it is, but it was basically Webroot from what I could tell. The biggest issue I had with it was I couldn't do much management. I has to send most requests to the dealer I was getting the trial from. They said that was going to change in the future though.
I've not heard of anything that really differentiates them from Webroot (other than costing way more.) They describe this awesome way that they work, but Webroot describes that way too. So not sure how much different they are. They had a session at SW last year but blew it big time - which was not really their fault and they've apologized and explained about that and that's all fine, but they had an opportunity to explain what made them different and failed to do so. They sound like a good option, but with Webroot at there, more mature, at a fraction of the price, I've not heard a compelling argument for Cylance's value proposition other than providing an alternative.
To boil it down to the essentials we do:
- Online database to identify known malicious software
- Machine Learning and heuristics to catch unknown bad actors
- Journaling and rollback for anything we can't immediately identify
Cylance focuses on one layer which is the machine learning and heuristics to classify software as good or bad. Their approach puts all their energy into making #2 the best it can be, whereas we have three layers that we spread our effort across. Different approaches, but both different from and superior to signature-based definitions.
-
@Danp said in Cylance Questions:
@scottalanmiller IIRC, Vipre effectiveness dropped considerably after they were sold....
And no more needs to be said.
Company bought out? Danger Will Robinson moment....
-
@Nic said in Cylance Questions:
@scottalanmiller said in Cylance Questions:
@Jstear said in Cylance Questions:
I tested out Cylance to see if it was as great as everyone says it is, but it was basically Webroot from what I could tell. The biggest issue I had with it was I couldn't do much management. I has to send most requests to the dealer I was getting the trial from. They said that was going to change in the future though.
I've not heard of anything that really differentiates them from Webroot (other than costing way more.) They describe this awesome way that they work, but Webroot describes that way too. So not sure how much different they are. They had a session at SW last year but blew it big time - which was not really their fault and they've apologized and explained about that and that's all fine, but they had an opportunity to explain what made them different and failed to do so. They sound like a good option, but with Webroot at there, more mature, at a fraction of the price, I've not heard a compelling argument for Cylance's value proposition other than providing an alternative.
To boil it down to the essentials we do:
- Online database to identify known malicious software
- Machine Learning and heuristics to catch unknown bad actors
- Journaling and rollback for anything we can't immediately identify
Cylance focuses on one layer which is the machine learning and heuristics to classify software as good or bad. Their approach puts all their energy into making #2 the best it can be, whereas we have three layers that we spread our effort across. Different approaches, but both different from and superior to signature-based definitions.
Basically, the Fro is right. While both our logos are both green and we are both NGAV, our approaches are wildly different. (and yes, he flagged me to come take a look)
Our model is based on a mathematical equation which was made with AI. We asked our AI to define a file, essentially mapping the DNA of a file, mapping its traits/features and other aspects into this equation, which became the endpoint product. We do not rely on DAT/Signatures/heuristics/behavior, instead focusing on the combined traits of the individual file. We make a determination pre-execution in 1/10th of a second.
I'm here to answer questions, or on the other site.
-
@nadnerB said in Cylance Questions:
What is a Cylance? I see the GG's swarming the "Top A/V of 2016" thread at SW...
For some reason, I associate them with Battlestar Galactica...It's an AV product with very bad marketing message. After SW last year, I literally didn't know that they were AV even having seen them. If @Richard_Cylance and @PackMatt73 didn't work there, I'd literally still not know what they do. Cylance really struggles to get enough clear information out to make you realize what they are.
-
@scottalanmiller That's why Matt and I are here - to make the message clear.
-
@Richard_Cylance said in Cylance Questions:
@scottalanmiller That's why Matt and I are here - to make the message clear.
Yes, Cylance has been making a lot of strides this year to fix messaging gaps since last year.
-
https://community.spiceworks.com/topic/post/6159618
More reading for fun.