So Cylance has run a series of its own shootout events to prove the superiority of Protect-tests that at least one competitor has called out as being "unfair."
Cylance antivirus fails software#
We've seen our software pirated, put in with an older version on purpose, a lack of updates, and those sorts of things." "But there are others who are frankly pay-to-play and will do anything the vendor wants them to do when it comes to the testing. "There are testing organizations that do see the need to change and are working to adapt their testing methodologies," he said. In an interview with Ars, Cylance's Skipper said that current malware testing was out of step with the real threats. "Even if score well in our tests," said Peter Stelzhammer, co-founder of the testing organization AV-Comparatives, "they 'trust' only their own sponsored test, where they can dictate the methodology."Ĭylance executives, in turn, have accused some testing companies of running tests that inaccurately represent performance-or of outright "fraud," as one Cylance exec has repeatedly asserted in blog posts and interviews. These critics have also accused Cylance of using legal threats to block independent, competitive testing. "It's the one industry where if you talk to any end user, they pretty much hate the product they buy every year."īut over the past year, competitors and testing companies have accused Cylance of using product tests that favor the company. "I've always been of the opinion that the antivirus industry is a little weird compared to the rest of infosec," said Carl Gottlieb, CTO of the UK-based security consulting firm Cognition.
One reason Cylance and other new malware protection contenders have drawn so much investment-over $1.8 billion in venture capital since 2014-is that the malware protection industry is ripe for disruption. The company's idea has drawn investors in fact, the stakes in Cylance taken by venture capital firms thus far value the company at $1 billion. Rather than use heuristics that look for behaviors matching specific rules, Protect has been “trained” using "the DNA markers of 1 billion known bad and 1 billion known good files," said Cylance's vice president of product testing and industry relations, Chad Skipper. Protect bases its detection and blocking of malware on machine learning technology. Protect has been highly ranked by a number of industry analysts for its innovative approach to "advanced endpoint security," the broad term used to describe products designed to stop modern malware and other threats to personal computers. That led the engineer to believe Cylance was using the test to close the sale by providing files that other products wouldn't detect-that is, bogus malware only Protect would catch. Curious, the engineer took a closer look at the files in question-and found that seven weren't malware at all. In testing, Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them.
Cylance antivirus fails archive#
One of the vendors had provided a set of malware samples to test-48 files in an archive stored in the vendor's Box cloud storage account. The vendor providing those samples was Cylance, the information security company behind Protect, a "next generation" endpoint protection system built on machine learning.
Last November, a systems engineer at a large company was evaluating security software products when he discovered something suspicious.
0 kommentar(er)
