Jamf Nation Community

So, what's up with this thread???

I would hazard a guess, the content of those posts had been removed intentionally.

(SPAM?)

Heck, I would even revoke the "Solved" flags. ;)

Don

I was requested by legal to remove these postings. Not too sure what I posted that was wrong... I am really truly sorry, but you can email me direct @ jose.gocobachi@openx.com if you want to chat.

Interesting. With all that mystery I'll jump in and say that we've agreed to begin evaluating Cylance. It's certainly an interesting product and take on end point security. They're also running around trying everything that can to get folks to compare this against other end point security products IRL and with the malware of your own choosing. Actually, that's what peaked my interest in them. I'd love to know what anyone else thinks. I'm actually in the middle of scheduling a POC and possibly some PEN testing with them.

@Chris_Hafner,

It's definitely a great product and I was able to produce a deployment policy of which I would be happy to share that info to you - as far as I know it's not proprietary and it should not break any POC or PEN policies, but I would run that by them first as it was a subject that their Sales Team jumped on me about. I don't even know what I did other than just try to get some assist out there.

@Gocobachi I figured there was something like that. In any event I'd love to see what you've worked out, so long as you don't get in trouble ;-) I'm going to work through their POC in early Dec. We're going to work on their pricing as well ;-) I like being the first to discuss edu pricing with relatively new companies.

That said, I really dig the philosophy. Yet, the Mac product is what, 2 months old? I'm going to run it in passive mode for a bit alongside Sophos and see what happens.

@Chris_Hafner Definitely hit me up in December if you need any assistance. As for running it in passive mode, please share the results (maybe not on a public forum or else you could be in some hot water with Cylance's legal). My direct email address is jose.gocobachi@openx.com just so I don't get into any more trouble :)

Looking forward to hearing your thoughts and any questions you may have.

Interesting, as i've seen reports that it fails to find basic mac malware such as Genio.

Actually, that's my biggest concern. While I don't doubt that it can recognize viral behavior, I am unsure as to how the product can manage that without pre-defined lists of trojans. After all, something like that behaves exactly like a normal application.

We decided to go with another option! Send me an email and I will let you know what we ended up choosing! It was very easy to rollout and deploy. I would mention that product on this forum, but I am afraid I will get another legal notice or something like that. I wish there was a way to scrub this posting! Pretend it did not happen :)

So, since I don't have many legal issues to worry about (No NDA) I figured that I would state that I'm going forward with a larger scale POC on this one. I will follow back around with more info.

Any updates or new info from anyone on this?

@Chris_Hafner Were you able to get the POC rolling?

Also - can anybody shed a little light on all the "be careful cuz legal might be upset with you" statements? Trying to figure out why on earth talking about their software would anger legal?

thanks!

@mbezzo Yep, we completed our POC and will be purchasing full licensing for the upcoming school year. We're moving from Sophos, which we have had good experience with as well. We never had anything weird with any legal department or anything like that. No NDA or any other concern regardless. So far the cylance software has had a super low footprint and has stopped a number of the annoying crapware items out there under testing. It's taken me a while to come around to their way of thinking regarding non-definition based protection, but so far it's been flawless.

Thanks @Chris_Hafner, appreciate that! We're beginning the process to switch to a new AV product and this has definitely caught our eye!

Great to hear about no issues with legal - that definitely had me a bit worried!

Appreciate it,
mbezzo

@mbezzo Thank you for sharing your information on this thread about your concerns along with you being satisfied after POC and going with a full license. I am currently going through a POC as we speak with Cylance. I am also very curious to see what attibutes of Cylance put it over the edge against Sophos because Sophos is also top of the "food chain" of AV's? :-)

Any information would be Awesome. Thanks!

I've had a discussion with the UK reseller of Cylance after viewing one of their seminars. Short version, it doesn't have feature parity with the Windows version ... yet.

Currently Cylance's major drawback is that it cannot run off network. Without a connection to it's cloud, it fails to run.

Now i'm assured there is a new version that fixes this major drawback due for release in the next few weeks. Keep your eyes peeled. I know I am.