Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?
-
So, while Cylance hasn't had a blunder like that in the 18 months since that event, today's news suggests that it might be just part of a larger trend. Today seems to support the problems that they had, rather than supporting the idea that they had been wrongly informed.
-
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
-
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
I have sales email from Cylance in my junk mail. I thought about replying with just the link to the article, but then the sales guy will know my contact info has a pulse.
-
@IRJ said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
I have sales email from Cylance in my junk mail. I thought about replying with just the link to the article, but then the sales guy will know my contact info has a pulse.
A newbie security mistake that would be.
-
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
They should know, a few are on my Facebook and would have seen it.
-
Unlike some other vendors, though, Cylance doesn't expose anyone with authority to the communities. So the people that we know are pretty much powerless to enact change. So it is unlikely that the message will go far. The online IT communities have not been seen as important, so that there is concern around the viability of the product and vendor here will not likely warrant authorization to respond.
-
@scottalanmiller said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
They should know, a few are on my Facebook and would have seen it.
I still think there are many on SW who deserve to know the whole story as they try to select AV and security products.
-
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@scottalanmiller said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@RojoLoco said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
Someone should go post this article on SW and tag all their GGs. Because if we don't do it, no one will.
They should know, a few are on my Facebook and would have seen it.
I still think there are many on SW who deserve to know the whole story as they try to select AV and security products.
Oh it was all totally public and posted there originally. No one hid anything there.
-
Hi friends.
I'm here to answer questions, talk the talk, and really go through all of this 'funness'.
We do not mislead customers or prospective customers. Plain and simple.
When we create malware samples to test with, we employ the same methods and tools that hackers do, including creating mutations and packing the samples, to better emulate what attackers do for more meaningful testing. I'd be happy to walk through any of this with anyone, but for the tests I've been running, I am using 'how-tos' found on some less than favorable websites along with software that is free and widely distributed.
We are not running or using any tool that isn’t already in an attacker’s arsenal. Any time you pack a real file, there is a chance that the original piece of software will break. This happens every now and then; you're messing with the file after all. It's like when we shaved Nic's head at Spiceworld - we messed with his image and then NOBODY took him seriously.
Is this whole process perfect? No. But the steps we take are the same steps we are seeing in the real world.
Addressing Spiceworld 15 - That was pre-Bowtie and Beards (Matt and I). The session was a cluster, there were issues of promises made and session ideas, but those ideas fell through from my understanding. That is why Matt and I went big last year at Spiceworld, coming out and not pushing the product and inviting members to test for themselves. This is the same dialogue we are continuing to have there, here, and elsewhere. That's the past, let's move on.
-
@Richard_Cylance That's great, and I think we're all happy to have someone here.
Let's talk first steps then if you really want to fix the image problem Cylance is currently facing. Has the user agreement been updated to allow third party testing yet?
-
@Richard_Cylance said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
We do not mislead customers or prospective customers. Plain and simple.
But the real question is... did Cylance block the release of test results? Does Ars Technica have a false story?
-
@travisdh1 said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@Richard_Cylance That's great, and I think we're all happy to have someone here.
Let's talk first steps then if you really want to fix the image problem Cylance is currently facing. Has the user agreement been updated to allow third party testing yet?
I think that that sums up the concerns that I have seen. This should be fixed before anything else is done.
-
@NerdyDad I wouldn't either.
-
@Richard_Cylance said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
@NerdyDad I wouldn't either.
So we're all in agreement that Cylance's word is worth less than dog shit stuck to a shoe?
What exactly do y'all plan to do to repair this? Any "test results" that y'all publish at this point will be deemed laughable, so where / how does your company intend to "fix" their reputation?
-
@RojoLoco If you approach me in a way that clearly gives me no room to present our side, then no matter how we work in this, you will always have the wall.
Look - I said it above - SW 15 was a poor representation and action on our end. We own that. Matt and I joined up and have been working with our experiences and skills to tell more and more of the story, and it's been incredible growth in the right direction for our company.
I posted this on SW-
"I invite attendees of all my shows to come up and verify my settings on all the competitor setup. I'd be happy to have a one-on-one with you and let you have full control and run the demo on my machine (so you don't get infected). This article clearly demonstrates the need for the industry to update their testing practices. Testing needs to change, and we've been saying it for years. We will continue to call out bad testing practices. Matt and I have said it before on here- don't trust us. Download your own samples, run it against your AV solutions and our offering. There is a need to test against files never seen before, using the same methods that malicious distributors are using.
Independent tests that don't use real-world methodologies are ineffective. AV-Test and NSS Labs are endeavoring to make tests more akin to the real world, and we support them in their efforts. While no testing house is perfect, they are making changes that serve the world at large."
-
@Richard_Cylance said in Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?:
This article clearly demonstrates the need for the industry to update their testing practices. Testing needs to change, and we've been saying it for years. We will continue to call out bad testing practices. Matt and I have said it before on here- don't trust us. Download your own samples, run it against your AV solutions and our offering. There is a need to test against files never seen before, using the same methods that malicious distributors are using.
But if we do this, aren't we going to get threatened by the lawyers? This is exactly what Ars Technica claims people are not allowed to do. Just because you tell us to do it doesn't mean we are allowed to discuss it. This is what we are asking... did Ars Technica lie, or is "do your own testing" not actually something we are allowed to share (read: if we aren't free to discuss it, we are into Nutanix territory.)
-
We are asking a direct question, just need a direct answer.
Did Ars Technica report something false? Or did Cylance actually do what they said?
-
@scottalanmiller Look at it as an interpretation of the situation. For the longest time we have been fighting against the accepted mindset of security. Now, no matter where you stand on what AV to use, there is no denying that advancement hasn't been the strongest point of the industry. Cylance changed that with a new way of thinking, and when the OGs of the company started out on the road, they fought back this wall.
You are more than welcome to test our product out, use malware you find, and post your results. Assuming you are talking about the Sophos/Cylance issue, there were higher up issues with the reseller than I am privy to, so I won't speak to that. But the test they showed was flawed, and we called them out for it. That is the past though.
Every test I have ever done in front of an audience or a customer I have invited attendees to check my settings. I update all the products I test against, enable all the features I have that are viable for the test (don't need anti-phishing layers on for a malware execution test for example), and ensure all signatures/dats are downloaded and updated, as well as full connection to their servers is there. I don't do that for Cylance - I run a version on my test machine from September 2015 and often run it disconnected from the web. Again, I ask any attendee to come up and verify, recommend changes if they feel the need, and run the test for them.
But in the end, I am a vendor, and we want people to trust the results themselves. You wouldn't buy a car based off someone's presentation alone; you're going to test drive the metal machine. Same thing here; don't trust me or any other vendor.