
Anti-virus and anti-malware competition to heat up with new entrant

29 May 16

Cylance claims to have a fresh approach to anti-virus and anti-malware protection. Instead of relying on a signature database of known malicious files, it operates very differently.

Traditionally, manufacturers of anti-virus and anti-malware software wait until after malicious coders have released their payload into the community. The payload is then collected and studied by security analysts, and the new threat is added to the database of known threats.

This database of threats is called the signature database. It is distributed to each of the manufacturer's software clients, which actively watch for threats from the list.

Clearly, the problem is that you're identifying the issue after your computer and business are infected. Manufacturers have been getting faster and faster at this cycle, reducing the time for new threats to be catalogued from months to just days.

For enterprise clients with financial, design and other confidential information to protect, this isn't acceptable.

A new concept was coined in recent years: zero-day threat protection. The idea is that security software would be able to identify malicious files and code without them being a known threat.

Cylance is an up-and-coming security solution which is installed on the endpoint device.

It doesn't scan your computer for viruses or malware, nor does it have a database of known threats.

Instead, Cylance continually analyses existing and new threats in its labs, looking for common themes and attributes.

These are then boiled down into a lightweight agent that utilises machine learning and artificial intelligence to predict whether a file is malicious. The agent is distributed to all endpoints within the enterprise, where clients use it to identify threats, even a totally new threat never discovered before.

Almost all new threats follow similar patterns to old threats, so the endpoint agent doesn't need updating as often as traditional solutions that use the signature database approach.

They've taken this a step further with a predictive engine. They claim that their solutions are significantly more effective than leading competitors at discovering brand new threats the first time.

This is a radical departure from a part of the security industry that hasn't been innovating. Their software was released a year ago, and they've now got over a thousand enterprise clients with 4 million nodes under management.

There are plans to bring the product to consumers at a later date, although their current focus is entirely on business and enterprise clients.
