When I think of antivirus there are specific vendors and tools that come to mind: Symantec, McAfee, Panda Security, BitDefender, and others. Microsoft is expanding the definition of “antivirus”, though, by inviting Cylance to join the Microsoft Virus Initiative (MVI) and Virus Information Alliance (VIA)—groups organized by Microsoft to coordinate antimalware efforts, and provide effective security for Microsoft customers.
Cylance is not one of the names that pops up generally—or ever—when considering antivirus options. That is, until now. The next-generation security company uses mathematical algorithms, artificial intelligence, and machine learning to proactively defend against malware and other cyber threats in a completely different way than traditional antimalware solutions.
The invitation from Microsoft to join MVI and VIA validates Cylance as a viable method of protecting a PC against malware. Cylance is the first non-signature-based security provider to be accepted into either program which is a big milestone for both Cylance, and for next-generation security solutions in general.
Reinventing the wheel
Traditional signature-based antimalware tools suffer from a serious Achilles’ heel: they’re reactive. Vendors can’t make signatures to detect and block a threat until the new threat is detected and identified, which leaves PCs open to exploit until the signature is deployed.
Stuart McClure, CEO and founder of Cylance, explained how Cylance solves the problem of reactive security in my “In Their Own Words” interview with him last year: “Our use of math and machine learning eliminates the current security model of trusting the vendor to stay ahead of the threat. Instead you only need to trust the math.”
McClure originally conceived of Cylance when it occurred to him that he wasn’t using any antimalware software to protect his PC, yet he considered himself more secure than most. He pondered that fact, and arrived at the conclusion that security professionals understand how attackers work and they’re aware of the techniques they use. They simply apply what they know to recognize and avoid potential threats. That led him to question, “Why not just teach the computer to do that?”
As McClure told me in our interview, “Math became the obvious choice as it brought all the components together as many other industries have already adopted math to solve their problems: insurance, financial services, pharmaceuticals, genome sequencing, etc. So why couldn’t security?”
New chapter for Cylance
Above and beyond validating the Cylance approach to defending against malware, the new relationship with Microsoft provides two very important benefits for Cylance. First, because Cylance is part of Microsoft Virus Initiative, it will now be recognized as an antimalware solution by the Windows operating system. Windows has its own malware defenses, but you can disable those and use your own. However, if you don’t use a recognized security solution, the Windows operating system will repeatedly warn you that your PC is not protected.
The second major benefit is that members of MVI get access to Windows APIs (Application Program Interfaces). With access to Windows APIs, Cylance can develop tighter integration with the Windows operating system and deliver better protection for customers.
Membership in VIA allows Cylance to share information and collaborate more effectively with other security providers and antimalware organizations. Members exchange threat intelligence and technical information related to malicious software so the whole community can provide better protection for Microsoft customers.
Traditional antimalware is by no means dead yet, but Cylance also isn’t the only company out there looking to change the world of malware defense. Many seasoned security professionals have come to the realization that the reactive security model just isn’t good enough and they’re exploring innovative ways to improve malware security. The new relationship between Microsoft and Cylance just proves they might be on to something.
