back to article Everything's fine, says Cylance, as workers given the boot

Prominent next-gen antivirus vendor Cylance has confirmed a wide-ranging restructure involving job cuts. In response to queries based on an anonymous tip to El Reg on Tuesday that several workers had been shown the door, Cylance confirmed it was restructuring its business without commenting on the job cut numbers that were the …

  1. nijam

    > ... everything from software deployment packages to Office365 automatic updates as potentially malign

    1 out of 2 ain't bad.

  2. EJ

    They still are snake oil to me. We had a 2 month demo with them and experienced significant false-positives involving well-known commercial software components. At that point, it seemed like an exercise of manually identifying each file on your network, which defeats the purpose. Others swear by them, and yet I've never heard an explanation to reveal the reasons why some love it and others have our experience.

    1. Anonymous Coward
      Anonymous Coward

      Houston we have a problem

      ...I fully agree.

      The number of software deployment packages we found it flagging was more than a small amount, it would certainly be enough to repeatedly return our business to the stone age.

      In all the years we had Mcafee its only once deleted a Windows system binary and Mcafee sucks :)

      Whitelisting binaries and scripts across a vast enterprise is not actually possible.

      Maybe those who don't find fault have very very tiny networks...

    2. Anonymous Coward
      Anonymous Coward

      Cylance doesn't report on whether software is malicious or not, it reports on whether or not the software could be used maliciously. It is up to your admins to decide if they want the software to run or not. So, there is a tuning process. Alternatively, you could whitelist known goods and block everything else.

      1. Anonymous Coward
        Anonymous Coward

        Malicious

        Yes, I guess Office365 updates could be malicious...

        I will say it did find some absolutely lethal stuff that isn't in the general wild too. That was the positives, but outweighed by the negatives.

        The concept is good, the cost of ownership is the problem.

      2. This post has been deleted by its author

    3. Anonymous Coward
      Anonymous Coward

      "a 2 month demo"....

      Yeah, that's what they call it. Not like every other piece software where you can download an evaluation / trial version and check it out yourself. It requires so much tuning that they won't let the software out of their hands, ever.

      So you think, 'no problem, I'll just send some samples to Virustotal and see if Cylance detects them'. Yeah, they don't want any 3rd parties publicly advertising their (in)effectiveness either.

      1. sylclark_adm

        Re: "a 2 month demo"....

        Cylance relies on uninformed or unsophisticated customers - I hate to call them "marks" to sell their product. Large enterprise CISO's are too smart to fall for these tricks.

        1. Tom Paine Silver badge

          Re: "a 2 month demo"....

          Large enterprise CISO's are too smart to fall for these tricks.

          Would that it were so! Unfortunately if you survey the security marketplace, and especially look at the young, startuppy crowd who're spending a lot on marketing and publicity-generating activity like having researchers who might get press for a whitepaper now and then, there's an awful lot of snake oil being sold by firms nominally valued in the $50-$250m range. A lot of the founders of these places will time their exit nicely and walk away with a couple of houses, a Ferrari and a couple of million in their pension, leaving a steaming pile of nothing in the hands of one of the large well established firms who buy them to put them out of business. They're all leveraging the power of large numbers of non-technical general managers who've been put in charge of security without knowing much about it, but who know convincing marketing when they see it. In short, there are plenty of CSOs and CTOs who, whilst not being idiots, just don't know enough to distinguish BS from real security, and who need the warm fuzzy feeling of having "invested" a lot of money in security.

          1. Anonymous Coward
            Anonymous Coward

            Ignoramous

            Theres money in ignorance and powerful BS marketing?

  3. VanguardG

    Some swear by it...

    some swear AT it.

    As bad as false positives are, false negatives would be worse. Any form of Anti-whatever (virus, malware, phish...) is a matter of trust. While one can introduce harmless but absolutely dodgy files just to test, when it comes down to it the only evidence we can usually point to that the anti-virus is doing anything at all is the absence of any activity - which when you think about it, is a bit oxymoronic. "Its working because its not doing anything". And you can insert your favorite joke about that describing most government employees <here>.

  4. Potemkine Silver badge

    Biggest problems with Cylance Products

    We lack of independent testings. Presentation are impressive, but who would be fool enough to buy a product just because of the presentation? ^^

  5. Anonymous Coward
    Anonymous Coward

    I'm pretty excited that I get to look for a new job after the number of hours I put into that place. We basically missed our quarterly target by more than 7 figures and people had a freak out. I guess that's what "restructuring" is called these days.

    1. Anonymous Coward
      Anonymous Coward

      >We basically missed our quarterly target by more than 7 figures

      Hint from me to you chasing those stock options is not worth the shit management roulette which is exactly what you just got done playing if they are missing targets by that much for the size of the company. If you have or are thinking of starting a family anytime soon avoid anything sexy when it comes to business.

      1. Tom Paine Silver badge

        Hint from me to you chasing those stock options is not worth the shit management roulette which is exactly what you just got done playing if they are missing targets by that much for the size of the company. If you have or are thinking of starting a family anytime soon avoid anything sexy when it comes to business.

        Hint from me to you: punctuation is useful. Use it.

        <P>

        ION, chasing stock options CAN be worth it if you luck out. I personally have had the experience of witnessing almost everyone around me getting the "excited to announce we're being acquired" email that meant they just cleared their mortgage and got to go buy a silly car. Sadly I was six months too late for the stock-option confetti, which was a bit of a choker, but some people definitely did hit the jackpot.

        That said, it didn't really affect how hard I worked - I carried on doing 60h weeks without overtime, as you do, because... well, because you do. (Right, kids?)

        *shrug*

        1. Anonymous Coward
          Anonymous Coward

          actually

          >ION, chasing stock options CAN be worth it if you luck out.

          >I carried on doing 60h weeks without overtime, as you do

          Actually I usually don't. Might have one or two 60 hr week a year at most. I have built my career up to where I get to pick my employers and not vice versa and spending a reasonable amount of time with my family is near the top of the criteria. That is because I didn't waste time chasing unicorns with all the other technonerds and slow and steady built up skills, experience, a very good 401k, payed off the mortgage and landed my dream job for my needs (slow and steady wins the race, though granted being middle aged really helps). I actually get stock options and bonuses as well but my company is publicly traded and since we actually make something and have turned a profit consistently for nearly two decades the stock options are lucrative but nothing like unicorn sparkly manure. Then again I am not suddenly having to look for a new job every two years or less and very well may retire for my current employer, knock on wood. The helping actually manufacture stuff is very important to me and matching my work environment to my needs means my job is not shortening my life and if anything adds value to it. If being rich means insane overtime creating weapons of financial mass destruction derivatives or facilitating allowing Millennials to post pictures of their breakfast to the world than more power to who wants to go down that road but it won't be me.

          1. Anonymous Coward
            Anonymous Coward

            Re: actually

            Actually misspoke I think I have worked maybe one 60 hour week ever for this employer due to a very big rollout. More like one or two 50 hour weeks a year. There are some advantages to getting older. You learn how to not let employers burn you up. Really the only thing that bothers me at all is the traffic on my commute but even that is far better than the nasty traffic in SoCal or the Bay area.

          2. Anonymous Coward
            Anonymous Coward

            Re: actually

            >ION, chasing stock options CAN be worth it if you luck out.

            So can the lottery. For many what you give up living in Silicon Valley and working yourself half to death is not worth hoping to luck out is all I am saying. Read a lot more stories on here about people in startups paychecks suddenly bouncing than them living the high life. But to each his own.

  6. This post has been deleted by its author

  7. Anonymous Coward
    Anonymous Coward

    Such Shite

    I attended one of their product lunches that did a comparison with other vendors. I walked away with a lot of serious bullshit splashed on my shoes and pants and I stunk for days.. " We can see threats out on the network before they are even inside your firewall". uh huh. " Its all about the algorithm". "Algorithm." "Algorithm." " Now watch how we compare to the others on a non-updated Windows 7 box that is not connected to the internet." The guy giving the presentation had zero experience in the security field but knew all about it. The tech guy giving the demo had a hard time looking sincere because he knew the whole thing was rigged. They have bought any negative outcomes they get from their obvious stretches of the truth. To be fair, they aren't the only ones that are deserving from professing things that simply aren't true. But this is security, so bullshit is especially bad in this realm.

  8. This post has been deleted by its author

    1. diodesign (Written by Reg staff) Silver badge

      Re: Bromium then Cylance

      "So Bromium's workforce has been significantly cut down"

      We heard a while back that people on the Mac team were cut. If you have any more details, get in touch - news@theregister.com or anonymously via Ricochet - ricochet:m3bnxucau5ishl2h

      Cheers,

      C.

      1. SurfCity

        Re: Bromium then Cylance

        Actually Bromium has stablized and is doing rather well. Product turned round, new leadership and an HP relationship for secure browsing that starts shipping on their computers shortly. On TechValidate the customer feedback is markedly better as well.

      2. Lucic877

        Re: Bromium then Cylance

        Bromium has done a 180. Tough first few years but the product is stable and much faster etc. They've added edr like features, partnered with HP etc.

        1. Anonymous Coward
          Anonymous Coward

          Re: Bromium then Cylance

          That is a lie (obviously coming from a Bromium employee). It used to be a cool tech and engineers had a blast building it. Bromium had 220+ employees at the peak and now there are barely 50 employees and they have cut all R&D budgets. The new CEO is a marketing guy and is obviously sending his jobless minions to look at forums and answer such queries - it's tad too late. I used to work there and got laid off. They are the only vendor left in the security isolation business the market has rejected this tech. You can expect only HP to pick up junk like this.

          Expect a fire sale

          1. Anonymous Coward
            Anonymous Coward

            Re: Bromium then Cylance

            "They are the only vendor left in the security isolation business the market has rejected this tech."

            Um, to add a little more accuracy to that statement. Microsoft is using virtualization and isolation in Edge in the Creators Update. I think it is called Windows Defender Application Guard and it resembles the Bromium tech so much that I thought they had licensed it from Bromium. The basic concept has value, but the user experience is lacking a bit. Then there are the usual criticisms of Microsoft security and all....

    2. sylclark_adm

      Re: Bromium then Cylance

      "Seems like maybe Symantec has nothing to working about from new age "security""

      I am hearing that their latest endpoint product (14) is doing well compared to the likes of Sentinel One or Cylance.

  9. allthecoolshortnamesweretaken

    "a wide-ranging restructure involving job cuts"

    That makes a massive RIF sound like something that can be taken care of with a couple of band-aids.

  10. asdf Silver badge

    wait wut

    >The firm closed a $100 million Series D funding round last June.

    Wow that next crash in Silicon Valley might be coming sooner than I though if venture capital is even throwing money at an antivirus company these days.

    1. Korev Silver badge

      Re: wait wut

      An antivirus company might actually be useful to humanity; so a new approach could be worth investing in.

      1. asdf Silver badge

        Re: wait wut

        >so a new approach could be worth investing in.

        Obviously with the way they are printing money and how valuable Intel found purchasing McAfee to be.

  11. Anonymous Coward
    Anonymous Coward

    False Positive Hell

    Cylance is struggling to move people out of pilot programs due to the hellish false positive rate. Yes, it may catch the new zero-day malware, but it doesn't matter if you nuke important DLL's from commercial software that all your developers use. Cylance admins sweat bullets at every update not knowing what is going to happen to their user base, and have to reclassify 1,000's of files?! Being DOSed by your AV program is not fun. 'We Ain't Got Time For That"

  12. WireBug

    it is still horrible with false positives. someone decided we need to use the product and I have NO confidence in this product... it fails all my tests and has only picked up false positives for legit products that I have installed.

    I know they like having no signatures, but how about cross checking the hash values or something..... all my test files went ignored by Cylance....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019