Bit of a misnomer
Good article.
Cylance etc., whilst being actually quite good, do rather over-egg their technology, and to use the term "AI" is a little naughty really.
They (and others) are using behavior markers to detect stuff that has all the hallmarks of something undesirable.
I know McCrappy and all of the others talked about heuristics a long time before, but for whatever reason that never worked in any way I ever saw.
Cylance (and some others I have personally tested) does work in this way; it is quite good vs signature-based AV. I have seen it detect absolutely unique malware samples. That is quite impressive really.
On the other hand, it's also had quite a significant false positive rate against all sorts of stuff, including a lot of our software deployment packages and Office365 automatic updates. In fact, so many that whilst it's nailing the bad stuff, it would hose our business unless we spent a lot of time and effort staging software deployments through whitelisting.
Security is always a double-edged sword, particularly when you let an algorithm run rampage. August 4th it's protecting you, but by 2:14 a.m. Eastern time, August 29th it's trying to wipe out the human race.