ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Cerber virus/ransomware making the rounds...

    Scheduled Pinned Locked Moved IT Discussion
    virusransomwarespam
    28 Posts 13 Posters 15.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • coliverC
      coliver @JaredBusch
      last edited by

      @JaredBusch said in Cerber virus/ransomware making the rounds...:

      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

      @Kelly said in Cerber virus/ransomware making the rounds...:

      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

      Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

      I'm not sure if it's appropriate to say, but their engine seems revolutionary.

      What makes you say that Rob?

      Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

      I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

      My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

      I can't +1 this enough. Some of the schools in our system are demoing Cylance but I haven't heard one way or another about them yet.

      1 Reply Last reply Reply Quote 1
      • DustinB3403D
        DustinB3403
        last edited by

        Shouldn't this be in the IT Discussions sub?

        Why is it in water-cooler?

        gjacobseG 1 Reply Last reply Reply Quote 0
        • gjacobseG
          gjacobse @DustinB3403
          last edited by

          @DustinB3403 said in Cerber virus/ransomware making the rounds...:

          Shouldn't this be in the IT Discussions sub?

          Why is it in water-cooler?

          Topic Moved to IT Discussions.

          1 Reply Last reply Reply Quote 0
          • NicN
            Nic @JaredBusch
            last edited by

            @JaredBusch said in Cerber virus/ransomware making the rounds...:

            @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

            @Kelly said in Cerber virus/ransomware making the rounds...:

            @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

            Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

            I'm not sure if it's appropriate to say, but their engine seems revolutionary.

            What makes you say that Rob?

            Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

            I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

            My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

            Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

            DashrenderD 1 Reply Last reply Reply Quote 1
            • DashrenderD
              Dashrender @Nic
              last edited by Dashrender

              @Nic said in Cerber virus/ransomware making the rounds...:

              @JaredBusch said in Cerber virus/ransomware making the rounds...:

              @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

              @Kelly said in Cerber virus/ransomware making the rounds...:

              @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

              Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

              I'm not sure if it's appropriate to say, but their engine seems revolutionary.

              What makes you say that Rob?

              Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

              I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

              My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

              Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

              I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

              Youtube Video

              NicN 1 Reply Last reply Reply Quote 0
              • NicN
                Nic @Dashrender
                last edited by

                @Dashrender said in Cerber virus/ransomware making the rounds...:

                @Nic said in Cerber virus/ransomware making the rounds...:

                @JaredBusch said in Cerber virus/ransomware making the rounds...:

                @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                @Kelly said in Cerber virus/ransomware making the rounds...:

                @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                What makes you say that Rob?

                Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                wirestyle22W 1 Reply Last reply Reply Quote 2
                • wirestyle22W
                  wirestyle22 @Nic
                  last edited by

                  @Nic said in Cerber virus/ransomware making the rounds...:

                  @Dashrender said in Cerber virus/ransomware making the rounds...:

                  @Nic said in Cerber virus/ransomware making the rounds...:

                  @JaredBusch said in Cerber virus/ransomware making the rounds...:

                  @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                  @Kelly said in Cerber virus/ransomware making the rounds...:

                  @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                  Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                  I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                  What makes you say that Rob?

                  Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                  I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                  My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                  Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                  I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                  That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                  No way to get around it entirely

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @wirestyle22
                    last edited by

                    @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                    @Nic said in Cerber virus/ransomware making the rounds...:

                    @Dashrender said in Cerber virus/ransomware making the rounds...:

                    @Nic said in Cerber virus/ransomware making the rounds...:

                    @JaredBusch said in Cerber virus/ransomware making the rounds...:

                    @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                    @Kelly said in Cerber virus/ransomware making the rounds...:

                    @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                    Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                    I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                    What makes you say that Rob?

                    Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                    I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                    My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                    Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                    I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                    That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                    No way to get around it entirely

                    Run them side by side in the real world (honeypot kind of thing) and test.

                    wirestyle22W 1 Reply Last reply Reply Quote 1
                    • wirestyle22W
                      wirestyle22 @scottalanmiller
                      last edited by

                      @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                      @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                      @Nic said in Cerber virus/ransomware making the rounds...:

                      @Dashrender said in Cerber virus/ransomware making the rounds...:

                      @Nic said in Cerber virus/ransomware making the rounds...:

                      @JaredBusch said in Cerber virus/ransomware making the rounds...:

                      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                      @Kelly said in Cerber virus/ransomware making the rounds...:

                      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                      Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                      I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                      What makes you say that Rob?

                      Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                      I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                      My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                      Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                      I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                      That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                      No way to get around it entirely

                      Run them side by side in the real world (honeypot kind of thing) and test.

                      No I mean zero day viruses

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @wirestyle22
                        last edited by

                        @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                        @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                        @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                        @Nic said in Cerber virus/ransomware making the rounds...:

                        @Dashrender said in Cerber virus/ransomware making the rounds...:

                        @Nic said in Cerber virus/ransomware making the rounds...:

                        @JaredBusch said in Cerber virus/ransomware making the rounds...:

                        @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                        @Kelly said in Cerber virus/ransomware making the rounds...:

                        @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                        Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                        I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                        What makes you say that Rob?

                        Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                        I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                        My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                        Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                        I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                        That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                        No way to get around it entirely

                        Run them side by side in the real world (honeypot kind of thing) and test.

                        No I mean zero day viruses

                        Me too.

                        wirestyle22W 1 Reply Last reply Reply Quote 0
                        • wirestyle22W
                          wirestyle22 @scottalanmiller
                          last edited by

                          @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                          @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                          @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                          @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                          @Nic said in Cerber virus/ransomware making the rounds...:

                          @Dashrender said in Cerber virus/ransomware making the rounds...:

                          @Nic said in Cerber virus/ransomware making the rounds...:

                          @JaredBusch said in Cerber virus/ransomware making the rounds...:

                          @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                          @Kelly said in Cerber virus/ransomware making the rounds...:

                          @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                          Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                          I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                          What makes you say that Rob?

                          Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                          I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                          My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                          Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                          I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                          That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                          No way to get around it entirely

                          Run them side by side in the real world (honeypot kind of thing) and test.

                          No I mean zero day viruses

                          Me too.

                          I don't have faith either would do the job

                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @wirestyle22
                            last edited by

                            @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                            @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                            @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                            @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                            @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                            @Nic said in Cerber virus/ransomware making the rounds...:

                            @Dashrender said in Cerber virus/ransomware making the rounds...:

                            @Nic said in Cerber virus/ransomware making the rounds...:

                            @JaredBusch said in Cerber virus/ransomware making the rounds...:

                            @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                            @Kelly said in Cerber virus/ransomware making the rounds...:

                            @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                            Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                            I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                            What makes you say that Rob?

                            Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                            I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                            My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                            Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                            I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                            That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                            No way to get around it entirely

                            Run them side by side in the real world (honeypot kind of thing) and test.

                            No I mean zero day viruses

                            Me too.

                            I don't have faith either would do the job

                            Isn't the other choice... neither, though? Will "none" do the job?

                            wirestyle22W 1 Reply Last reply Reply Quote 0
                            • wirestyle22W
                              wirestyle22 @scottalanmiller
                              last edited by

                              @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                              @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                              @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                              @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                              @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                              @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                              @Nic said in Cerber virus/ransomware making the rounds...:

                              @Dashrender said in Cerber virus/ransomware making the rounds...:

                              @Nic said in Cerber virus/ransomware making the rounds...:

                              @JaredBusch said in Cerber virus/ransomware making the rounds...:

                              @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                              @Kelly said in Cerber virus/ransomware making the rounds...:

                              @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                              Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                              I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                              What makes you say that Rob?

                              Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                              I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                              My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                              Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                              I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                              That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                              No way to get around it entirely

                              Run them side by side in the real world (honeypot kind of thing) and test.

                              No I mean zero day viruses

                              Me too.

                              I don't have faith either would do the job

                              Isn't the other choice... neither, though? Will "none" do the job?

                              That's definitely a question

                              scottalanmillerS 1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller @wirestyle22
                                last edited by

                                @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                @Nic said in Cerber virus/ransomware making the rounds...:

                                @Dashrender said in Cerber virus/ransomware making the rounds...:

                                @Nic said in Cerber virus/ransomware making the rounds...:

                                @JaredBusch said in Cerber virus/ransomware making the rounds...:

                                @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                                @Kelly said in Cerber virus/ransomware making the rounds...:

                                @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                                Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                                I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                                What makes you say that Rob?

                                Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                                I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                                My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                                Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                                I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                                That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                                No way to get around it entirely

                                Run them side by side in the real world (honeypot kind of thing) and test.

                                No I mean zero day viruses

                                Me too.

                                I don't have faith either would do the job

                                Isn't the other choice... neither, though? Will "none" do the job?

                                That's definitely a question

                                What I mean is... certainly trust nothing for zero days, protect as much as you can. But part of that would be getting the best AV that you can. It's part of the security picture.

                                wirestyle22W 1 Reply Last reply Reply Quote 0
                                • wirestyle22W
                                  wirestyle22 @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                  @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                  @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                  @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                  @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                  @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                  @scottalanmiller said in Cerber virus/ransomware making the rounds...:

                                  @wirestyle22 said in Cerber virus/ransomware making the rounds...:

                                  @Nic said in Cerber virus/ransomware making the rounds...:

                                  @Dashrender said in Cerber virus/ransomware making the rounds...:

                                  @Nic said in Cerber virus/ransomware making the rounds...:

                                  @JaredBusch said in Cerber virus/ransomware making the rounds...:

                                  @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                                  @Kelly said in Cerber virus/ransomware making the rounds...:

                                  @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

                                  Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

                                  I'm not sure if it's appropriate to say, but their engine seems revolutionary.

                                  What makes you say that Rob?

                                  Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

                                  I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

                                  My problem with Cylance was that there was no small business pricing. they started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

                                  Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

                                  I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

                                  That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

                                  No way to get around it entirely

                                  Run them side by side in the real world (honeypot kind of thing) and test.

                                  No I mean zero day viruses

                                  Me too.

                                  I don't have faith either would do the job

                                  Isn't the other choice... neither, though? Will "none" do the job?

                                  That's definitely a question

                                  What I mean is... certainly trust nothing for zero days, protect as much as you can. But part of that would be getting the best AV that you can. It's part of the security picture.

                                  Agreed

                                  1 Reply Last reply Reply Quote 0
                                  • 1
                                  • 2
                                  • 2 / 2
                                  • First post
                                    Last post