After the shocking announcement that most antivirus (AV) products aren’t effectively stopping attacks, Dell has officially jumped into the game. Last month, the PC giant announced a partnership with Cylance, a California-based company that specializes in detecting and blocking attacks on endpoint computers, to integrate Cylance’s Protect product into its Data Protection Endpoint Security Suite, according to Brett Hansen, Dell’s executive director of data security solutions.
Under the plan, Dell will add Cylance’s Protect product to its Data Protection Endpoint Security Suite early next year, Hansen said. The suite is an integrated package with encryption capabilities, authentication features, and malware detection.
Dell announced a partnership with Cylance to integrate the Protect product into its Data Protection Endpoint Security Suite
Many antivirus programs still rely in part on systems that require a piece of malware to be identified first; security products can then recognize it once a “signature” is pushed to a PC’s security application.
The partnership shows the evolution of cyber security protection, which may have an effect on cyber security companies like McAfee, Trend Micro and Symantec. Cylance offers protection services for endpoint computers.
In fact, many security professionals consider signature-based detection ineffective, since malware can avoid detection by changing. Some antivirus suites use technologies that detect and block malware only after the machine has already been infected.
“Our customers have been telling us the same thing: it is just not working,” Hansen said.
The technologies in antivirus suites can detect strange behavior and block malware, but often only after it has already infected a machine and done something bad.
Cylance, by contrast, doesn’t use signatures. Instead, it uses an algorithm that analyzes seven million characteristics of files and programs, scores those elements on the likelihood of their being malicious, and can block them.
Security experts at Dell spent more than a year looking for a suitable product. Hansen said the company looked at products from over 60 companies offering various methods of preventing malware attacks. Most of these companies combined heuristic and behavioral analysis with cloud computing. They made no guarantees about preventing infection on computers, but they offered detection and remediation.
The security suite features encryption and authentication capabilities and malware detection
The technology does not take up much space on a computer and requires only occasional updates, which the company releases to make the necessary adjustments to the algorithm. As a result, Protect does not need a continuous network connection to work, which is good news for users who are irritated by daily or hourly updates.
The tech company’s security suite features encryption and authentication capabilities along with malware detection. The systems currently used by a good number of antivirus programs make it necessary to identify the malware, which is verified by security products after it is detected by the PC’s security application.
Dell’s aim was prevention rather than remediation. Among the common complaints from the company’s customers was that they had to spend an excessive amount of time calling to ask how to deal with infected machines. Cylance’s Protect product was evaluated by Dell’s security division, SecureWorks. SecureWorks was impressed by the way Protect dealt with the roughly 200 malware samples and exploits the division used for its evaluation.
According to Dell experts, the first version of the Data Protection Endpoint Security Suite provided signature-based protection technology. Another version of the suite will be a similar product that comes together with Protect. Hansen said that once customers know how Cylance’s product works, they may be more inclined to move away from signature-based protection technology.