Start-up Cylance unveils its first product today, software called CylanceV that determines what is a malware threat against Windows-based machines by using an analysis technique it refers to as "machine learning algorithms."
“The traditional blacklisting approach doesn’t work,” says Glenn Chisholm, CTO and vice president of products at Cylance, noting the explosion each year in the number of identified viruses and other malware types make it impossible to stop it based on signatures. Instead, Cylance is taking its own shot at malware detection through an inspection method based on making a copy of incoming traffic to an organization, from the Web, e-mail and other points, and feeding it to the CylanceV software to be analyzed. This might include files, applications, executables, services, drivers, and code libraries.
The server-based CylanceV uses predictive algorithms based on thousands of variable factors to decide whether the examined code should be classified as “good or bad” within a few milliseconds, says Chisholm. If the verdict is “bad,” then an alert is sent to the appropriate security administrator. CylanceV also includes a set of APIs allowing it to share information with third-party equipment such as security information and event management products, with an integration with Splunk having been tested in that regard. CylanceV starts at $50 per host per year.
Cylance, founded in 2012 by its CEO Stuart McClure, has received $15 million in funding from sources that include Khosla Ventures and Fairhaven Capital.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org