… 17 percent or 20 percent efficacy. (Here’s our take on security product testing.)
So that’s where our customers are: “Let the AI do its thing, and take out the old agents that no one wants to use anymore.”
We run a tiny microagent, and we interoperate across every operating system, so we’ve been helping partners build out a story around protecting their Microsoft environment, or protecting their hybrid Mac OS environment, Linux environment and Windows. A huge differentiator for us is our ability to seamlessly plug into a variety of different environments.
CP: The skills shortage is another huge challenge partners and customers face. Does Cylance help with that?
DD: I just read on CSO Online that it’s only getting narrower, the number of people that have security expertise. And you know, and this has always been really sad thing for me to watch, they take really smart people that have years of hands-on experience with security, and they put them in a security operation center where they sit and watch a screen full of alerts and triggers that may or may not be a problem, and they’re expected to just sit there for hours a day.
We help them get out of that mode. We’re all about demonstrable results: Looking more at business outcomes, reducing help desk tickets, preventing having to re-image a system that’s been compromised, or limiting the scope of an incident by containing it. All that, seamlessly integrated into the architecture — that’s what we’ve been able to bring to the table.
CP: I know we’ve gotten past prediction season, but what new threats are you seeing, or are your partners starting to see?
DD: There are some very big vulnerabilities that have come across. Spectre is a great example. We’re seeing some advanced techniques around fileless malware. It’s difficult to pick it up because it’s not even a fully formed file.
We’re seeing masked identities, even tricks like attackers using a Word document that they send into an HR organization and while that Word document is opening – it takes 20, 30 seconds – in the background there’s a dropper that has a piece of malware and ransomware. The HR person clicks on that file and they go, “Oh, nice resume — wait, it’s having a hard time opening and loading.”
Before they know it, they’ve been ransomed.
In terms of the predictions, a couple of things are starting to happen. One is this convergence that Gartner has pointed out between the EPP [endpoint protection platform] vendors and the EDR [endpoint detection and response] space.
Second is consolidation of the market overall. It’s still a fairly crowded security market, and I’m seeing a huge uptick in …