The way in which antivirus solutions try to stop malware is coming under great scrutiny. Cylance, a security provider, has been implementing solutions to address those security concerns, which might explain Dell’s decision to go with the company to protect the new Dell Endpoint Security Suite (ESS).
The 2015 Verizon DBIR highlights the ineffective approach of today’s AV solutions, stating that almost 90 percent of the successful malware threats are variants of older versions. This raises the question: why can’t AV solutions stop even familiar malware? The reason is that the vast majority of AV programs need to identify the malware, and if they are not able to identify it, the malware can escape detection.
Brian Dye, senior vice-president for information security at Norton, stated that AVs usually miss 55 percent of attacks and catch only 45 percent of malware attacks.
Dell made the decision to go with Cylance after looking at more than 60 providers. In essence, almost all of them use the same process, but Cylance differentiates itself by omitting signatures. It relies on an algorithm to analyze seven million characteristics of files and programs, and uses a scoring system to determine if they are malicious and to take the necessary precautions.
The CylancePROTECT system is proactive, with a threat prevention platform that, according to the company, has more than 99 percent efficacy on cyber threats. This result is achieved with a product that has a very small footprint compared to the massive AV solutions, and that requires no signatures, no updates and no cloud.
The Cylance 99 percent claim has many doubting the technology, but the company has been performing a live cyber-attack in a public forum across 75 cities around the world. The attacks are against traditional vendors to show how the CylancePROTECT solution is more effective in detection and exponentially less impactful to computing resources, using less than 5 percent CPU. Cylance announced that Dell’s own internal testing has backed up the numbers.
“We focus entirely on identifying and predicting when something is malicious before it is ever executed. This gives the world, for the first time ever, the ability to truly know whether an attack is imminent before it occurs or runs. Whether the attack is malware, zero-day exploits, APTs, adware, spyware, ransomware, scripts or macros, CylancePROTECT predicts its maliciousness and stops it cold before it ever starts,” said the company.