Press Release

SE Labs Test Shows CylancePROTECT® Identifies and Blocks Threats Years Before Malware Appears in the Wild

Press + Media Contact
Cylance PR Team
Cylance Inc.

Cylance® offers Predictive Advantage of up to 33 months into the future without relying on updates or cloud queries

IRVINE, CALIFORNIA, April 11, 2018 - Cylance Inc., the company that revolutionized the antivirus and endpoint protection industry with true AI powered prevention that blocks advanced cyberattacks, including fileless attacks, malware, advanced persistent threats, and zero-day attacks, today announced the results of SE Labs’ Predictive Malware Response Test of CylancePROTECT, its prevention-focused AI endpoint security product.

SE Labs determined the efficacy of artificial intelligence by identifying what they call Predictive Advantage (PA), the time difference between the creation of the AI model being tested and the first time a threat is identified. All past and present AI models of CylancePROTECT were tested against nine threats and five variants of each that were found in the wild after May 2015. They were WannaCry, Cerber, Petya, NotPetya, Locky, Bad Rabbit, GhostAdmin, GoldenEye, and Reyptson, all dating from February 2016 to November 2017. CylancePROTECT had an average predictive advantage of 25 months, and in some cases, it recognized and protected against threats that would not appear in the wild for another 33 months.

Traditional cybersecurity product tests measure the effectiveness of solutions against known, signature-based malware. However, the detection-based approach to cybersecurity has become ineffective in a rapidly evolving threat landscape. SE Labs’ methodology tests the ability of products to protect against unknown threats. For the test, the May 2015 model of CylancePROTECT was used offline or in self-contained mode, without the benefit of updates or cloud queries. This allowed SE Labs to isolate and identify the power of older generations of AI against new and upcoming threats. It demonstrated that CylancePROTECT prevented advanced threats without reliance on signature-based learnings, and with no false positives.

"SE Labs asked if a previous version of CylancePROTECT could work in a modern context, against future threats. It’s a unique approach that forces you to consider the role AI plays in protecting users," said Chad Skipper, VP Competitive Intelligence & Product Testing at Cylance. "Traditional AV relies on recognizing malware signatures to improve its product, but these results clearly show that a preventative, AI based approach to security is both necessary and a better approach. SE Labs is highly regarded for their quality of tests, and we look forward to working with them to keep AI and a prevention-based approach front and center."

Test results demonstrate the CylancePROTECT May 2015 model was capable of preventing threats that did not exist at the time the AI model was trained, and provide insight into how far ahead in time it could be effective without new knowledge. In the previous three years, Cylance has developed advanced generations with new insights and learnings. Test results show that CylancePROTECT is able to predict future attacks, giving users an advantage against future adversaries and threats.

"The cybersecurity landscape is crowded, causing confusion in the market and uncertainty from decision makers as to how to allocate their resources. That is partly why we are developing advanced testing methodologies - to shine a light on the most effective products on the market," said Simon Edwards, director of UK-based SE Labs. "We as an industry need a better way to test products, and this test is a step in the right direction. CylancePROTECT’s performance in this test showcases the power of its AI against some of the most damaging threats we’ve seen in the past three years."

Cylance will be at the RSA Conference in San Francisco next week, April 16-20. Visit the Cylance booth in North Hall, booth #3911. For more information about Cylance’s RSA presence, please visit:


Product testing was conducted between January 28 and March 24, 2018. The test was conducted without internet or other access to back-end systems. SE Labs conducted the test using virtual machines. Threats and legitimate applications were independently located and verified by SE Labs. Malicious and legitimate data was provided to Cylance once the full test was completed. The test was sponsored by Cylance, and the artificial intelligence models used in the test were chosen and provided by Cylance.

About Cylance® Inc.

Cylance is the first company to apply artificial intelligence, algorithmic science, and machine learning to cybersecurity to prevent the most advanced security threats in the world. Built on a breakthrough predictive analysis process, the Cylance AI Platform serves as a foundation for innovative, AI driven security products to address critical attack vectors. The company’s flagship product, CylancePROTECT, quickly and accurately identifies what is benign and what is a threat, and prevents malicious code from ever executing on a targeted system. By coupling advanced machine learning and artificial intelligence with a unique understanding of an attacker’s mentality, Cylance provides technology and services that are truly predictive and preventive against the most advanced threats. For more information visit:


Cylance and CylancePROTECT are registered trademarks or trademarks owned by Cylance Inc. in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks are the property of their respective owners.


We use cookies to provide you a relevant user experience, analyze our traffic, and provide social media features. Read More