Cylance Delivers the Anti-malware Product of the Future
NEWS ANALYSIS: With its Protect software, the security company shows at the Global Cloud Innovation Summit that not everything needs to be in the cloud, and some things are better if they're not.TIBURON, Calif.—It's not very often that you see something new in security. Most of the new products that show up in my press release stack are variations of things that have come before. Sometimes there are important enhancements, sometimes there are cool new names, but a lot of it involves incremental change and little else. That's why I was pretty skeptical when I watched the CTO of a company called Cylance being grilled by the press in the main session of the Global Cloud Innovation Summit, being held in the tony surroundings of the Corinthian Yacht Club here on April 23. There, Glenn Chisholm was explaining the need for real endpoint security in a cloud environment. Hackers, he explained, can only get to a company's cloud service through the company's endpoints—in other words, its computers. Thus, he said, the need to protect the endpoints. The need for endpoint protection is really nothing new, although most organizations don't spend a lot of time thinking about it. But perhaps they should. Still, what makes Cylance's security product, called Protect, different isn't that it provides endpoint security, but how it does it. According to Chisholm, what the company does is build a mathematical model of how software should work and then prevents anything else from running. The result is an antivirus/anti-malware program that requires only about 30 megabytes of space and doesn't need frequent updates. There's no huge database of virus signatures to check, and nothing to go out of date.
"We provide the ability to decide what the endpoint executes and when it does it," Chisholm said in a subsequent conversation. "The software makes the decision, and if it isn't good it doesn't let it run."