Cylance Delivers the Anti-malware Product of the Future
Fitzgerald also noted that Cylance's Protect software is fully capable of coexisting with other AV and anti-malware products. In many cases, the other software is required by organizational policy or it's there under a contract, so removal isn't an option, even though it's no longer necessary, according to Fitzgerald. Once Protect is in place, support calls for AV-related problems generally drop to nearly nothing, he added.
Unfortunately, there are problems in this otherwise happy situation. The biggest is that not everyone can buy Cylance Protect. Fitzgerald said in an email that currently only large enterprises can buy the software directly from Cylance, while SMBs can buy it through resellers. It's currently not being sold to individuals.
The company is in the process of expanding its coverage and the types of hardware it runs on, Fitzgerald said. That hardware presently includes Windows computers and some security appliances, but it will be coming soon to Apple OS X computers and Linux. Support for Android and Windows mobile devices is also planned, he said, but currently there are no plans for an iOS version of the product.
The good news is that for organizations that buy it, implementation is said to be fast and easy. Fitzgerald said that no IT skills are required to install or manage the software. He noted that Protect will prevent execution of the malware that accompanies phishing attacks, and that the software can recognize things like the Crypto Lock malware and prevent execution.
But is it really the future of endpoint security? That remains to be seen, and I've requested a copy of the software so that I can find out. But in the meantime, Cylance has been conducting a series of demos in which engineers intentionally download malware to see if Protect can detect it. So far, it has.
Some of the aspects of Cylance Protect seem similar to those of other anti-malware software such as Malwarebytes, but there are significant differences, notably that Protect does not require updates to its database because it doesn't use one. This makes it ideal for computers that can't or don't receive frequent updates, which includes many machines that contain sensitive information where the risk of loss through an Internet connection is too great.