Artificial Intelligence Security?

Anyone used Cylance for thier company?

I have done alot of research and a few demos with these guys and I need an unbiased opinion of thier protect product.

Runs about 2-3x the regular price point but so far it's seems solid if not far better than McAfee solutions we are using.

Find more posts tagged with

Comments

Danielm7

I've been using it for a year+ on a couple thousand systems, the detection has been very solid. We used to have Trend for what it's worth, so almost anything would have been better. We got the price down to equal or less to comparable solutions through negotiations. The console is so/so, having some issues feeding it to the SIEM since it's all cloud but that's more our infrastructure. It's not AI (is anything really AI in commercial products?) but it's been good. Depending on how high you want to turn up the script control you'll likely have a lot of whitelisting to deal with during setup but once it's all in place we've been pleased.

Cyberscum

Danielm7 wrote: »

I've been using it for a year+ on a couple thousand systems, the detection has been very solid. We used to have Trend for what it's worth, so almost anything would have been better. We got the price down to equal or less to comparable solutions through negotiations. The console is so/so, having some issues feeding it to the SIEM since it's all cloud but that's more our infrastructure. It's not AI (is anything really AI in commercial products?) but it's been good. Depending on how high you want to turn up the script control you'll likely have a lot of whitelisting to deal with during setup but once it's all in place we've been pleased.

I know a few state guys that use Trend and hate it lol.

Thanks for the response. I have heard the "on the go" features of it are pretty decent and the CPU usage during scans tends to be minimal.

What do you mean its not AI? Are you using the Cylance Protect? Their entire presentation was based on that fact. I have not researched that aspect of it, but if you know of anything that is not correct about that statement I would like to know.

Thanks again!

alias454

Carbon Black is in the same space I think. Might be worth looking at too if you are shopping around.

Danielm7

Cyberscum wrote: »

I know a few state guys that use Trend and hate it lol.

Thanks for the response. I have heard the "on the go" features of it are pretty decent and the CPU usage during scans tends to be minimal.

What do you mean its not AI? Are you using the Cylance Protect? Their entire presentation was based on that fact. I have not researched that aspect of it, but if you know of anything that is not correct about that statement I would like to know.

Thanks again!

The CPU usage during scans is really low, because it takes them literally days to do the initial scan then everything after that is a delta. When we rolled out there wasn't an option to tweak the speed of how the first scan happened, but it takes awhile, so you just have to plan for it.

I am using Cylance Protect, I just think their constant marketing that it's AI is a stretch. You don't load an agent that learns about things on it's own and alters it's algorithms to change the way it works going forward. They use a bunch of heavy math for things like ... "hey this type of behavior is suspect, we can calculate how that sort of behavior is detected, so when that happens, stop that behavior." Maybe a nitpick but considering they always say AI, then just say, oh well it's all math.

Overall it's a good product, their marketing team over-hypes things, but it's still good. It's been able to stop a few things without updates, not because it taught itself how to do it, but because the coding was set for specific types of suspicious behavior and the new attacks fell under those types.