Endpoint
2/18/2014
02:05 PM
Dark Reading
Products and Releases

Cylance Unveils CylancePROTECT, Applying Math to Prevent Advanced Cyber Threats on Company Endpoints

New Endpoint Security Software Instantly and Mathematically Determines What is Safe and What is a Threat Without the Use of Signatures, Heuristics, Behavioral Analysis, Sandboxing Detonation or Micro-virtualization

Irvine, CA – February 18, 2014 – Cylance, Inc., the first math-based threat detection and prevention company, today announced the release of CylancePROTECT. The product takes a unique mathematical and machine learning approach to stop the advanced threats on endpoint computers. Without the traditional use of signatures, rules, behavior, heuristics, whitelists or sandboxing, CylancePROTECT identifies and renders new malware, viruses, bots, zero-days and unknown future attacks useless.

“The fundamental flaw in today’s cybersecurity infrastructure is that protection requires detection, and detection requires a patient zero,” said Stuart McClure, Cylance founder and CEO. “Human-generated signatures, based primarily on previously discovered samples, have failed to solve the problem as zero-day threats continue to operate silently and unimpeded.”

The first to apply algorithmic science to security in a scalable way, Cylance is delivering a new threat detection model that instantly determines what is safe and what is a threat without ever having to have seen the threat before. Cylance’s deep security domain experience is uniquely combining the understanding of a hacker’s mentality with algorithmic intelligence and best practices to enable CylancePROTECT to be truly predictive and preventive against advanced threats.

“Attacks keep evolving, bypassing all kinds of traditional security technologies,” said Richard Stiennon, chief research analyst at IT-Harvest. “The market is ripe for a revolutionary new solution to securing the endpoint. Cylance’s approach is the most exciting innovation in endpoint security I have seen.”

CylancePROTECT’s mathematical approach uses patent-pending, machine learning techniques to identify and stop threats before they execute. The Cylance approach has produced the most accurate, efficient and effective solution for preventing advanced malware and persistent threats from executing on endpoints. Internal testing versus third parties discovered a 500X improvement in detection of all data, good and bad, with the ability to stop 100 percent of what is found. Other solutions miss what has not already been previously identified and often can’t block the majority of what they do see. As an example, CylancePROTECT can protect against nested malware delivered in a legitimate application.

CylancePROTECT is designed to complement existing endpoint security and be non-impactful to administrators and end users. Its value is to eliminate the concern for unknown and advanced threats, often missed by the other solutions.

CylancePROTECT’s tiny agent sits on top of current solutions and integrates with existing management software for ease of distribution and management. Most importantly, CylancePROTECT is not required to be continually updated, and gives the administrator complete control over configurability from the management console.

“Current endpoint technologies claim high detection rate, but in actuality the real rate is often much lower, sometimes under 50 percent,” McClure added. “No other endpoint protection product compares to the accuracy, ease of management and effectiveness of CylancePROTECT, which has more than a 95 percent detection rate.”

Key values of CylancePROTECT:

More Effective Protection
• Identifies and categorizes ‘unknown’ data as safe or as a threat
• Stops advanced persistent threats and malware execution
• Actively monitors in real time, all the time, online and offline

Non-impactful
• No conflicts with existing security or endpoint software
• Tiny client: installs, scans and protects in seconds
• Doesn’t slow down computers or require pop-up screens
• Supports clients for Windows PCs - laptops, and servers & virtual servers
• Mathematical algorithm always up-to-date -- no updates required

Enterprise Web-Based Management Console
• Integration with third-party management
• Group policy and structure
• Whitelist and blacklist support for administrative granularity
• Social threat awareness of what else is infected
• Threat detail visibility

Technically Supports:
• Detection mode through passive auditing
• Self-protection against user or attacker tampering
• Memory protection and execution control to prevent injection and hijacking techniques, overflows and in-memory execution techniques.

About Cylance

Cylance is the first company to apply artificial intelligence, algorithmic science and machine learning to cybersecurity and improve the way companies, governments and end users proactively solve the world’s most difficult security problems. Using a breakthrough mathematical process, Cylance quickly and accurately identifies what is safe and what is a threat of all data, not just what is in a blacklist or whitelist. By coupling sophisticated math and machine learning with a unique understanding of a hacker’s mentality, Cylance provides the technology and services to be truly predictive and preventive against advanced threats. www.cylance.com

###

Media Contact Cylance Public Relations Rachel Kaseroff rachel@methodcommunications.com 415-341-5625
