Predictive Malware Response Test

SE Labs: intelligence-led testing

Published April 2018

S

SE Labs tested CylancePROTECT in an offline environment against major threats that subsequently appeared in the wild. The test explores the product’s ability to prevent new threats from attacking endpoint systems successfully.

CylancePROTECT contains technology designed to identify and block malware using what it claims to be an “artificial intelligence” (AI) model. This model can be updated over time. However, in this test the model created in May 2015 was used and did not utilise further updates, so that the software was unable to receive new models or edit the existing one.

The test exposed systems protected by this older version of CylancePROTECT to very impactful threats discovered and reported widely after May 2015. In this way the test shows to what extent the product was able to predict how future threats would appear. This “Predictive Advantage” (PA), the advantage that users of the product have against future adversaries, is presented in this report.