Cylance Accused of Distributing Fake Malware Samples To Customers To Close Deals

New submitter nyman19 writes: Ars Technica reports how security vendor Cylance has been distributing non-functioning malware samples to prospective customers in order to "close the sale[s] by providing files that other products wouldn't detect" According to the report: "A systems engineer at a large company was evaluating security software products when he discovered something suspicious. One of the vendors [Cylance] had provided a set of malware samples to test -- 48 files in an archive stored in the vendor's Box cloud storage account. The vendor providing those samples was Cylance, the information security company behind Protect, a 'next generation' endpoint protection system built on machine learning. In testing, Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them. Curious, the engineer took a closer look at the files in question -- and found that seven weren't malware at all."

Re:Fraud

[zlives]

i don't buy your argument as clearly you are senile (56) :)

on the other hand, i watched their demo at RSA and it looks really good right upto the point that you start asking questions like rate of false positives, and links and scripts that are legit use, and the ability to test the environment without their mandatory supervision. its definitely intriguing but they are way too cryptic about their product. and that does not leave a good taste considering today's lack of vendor trust environment.

Weird Feeling When Attended

I had a really weird vibe from them when I attended a seminar. Then when they basically said they could detect all the malware they had on a disk... well I rolled my eyes, naturally they can detect all the malware they brought with them.

And when I tried to get the difference between what they were selling and the common heuristics that other AV vendors used... well I never got a satisfactory answer. Sounds like the same thing to me.