You might not know Cylance’s name. That’s entirely fair considering they are one of many, many cyber security companies out there. Despite this, the company does possess a successful history behind it. Founded in 2012 the company gained distinction as one of the first in the antivirus industry that used AI-powered prevention in their software to block attacks and malware according to Business Wire.
Unfortunately, the most distinguishing feature of this company these days is not a success story about how they made $100 Million in Series D funding, which did happen in June of 2016. No, the past six months have been unkind to the company despite earning a five-star rating from CRN’s Partner Program Guide.
So let’s take a look.
Odd that a cyber security company that’s not only doing well in funding but also receiving critical praise is undergoing a massive wave of layoffs but here we are, and Cylance is that company. Earlier this April reports were coming in that Cylance was experiencing a massive wave of layoffs. Cylance themselves notified us at SnapMunk by stating that the actual percentage of layoffs was around %4 of the company’s overall staff numbers.* Cylance responded to these inquiries made by The Register by saying:
Yes, the company did realign some resources to balance skill sets and focus on our strongest growth areas. Given the rapid growth over the past few years we had to move some resources and redeploy in other areas and this will enable us to continue expanding product lines and customer base globally.
Not exactly the best reply to such a heavy accusation, I grant you.
The layoffs became high profile this past Thursday when CTO Glenn Chisholm was revealed to have left the company despite being one of the earliest employees and the CTO in charge of research and development. Thus far no specific reason was given for his removal though they expressly made it clear that it was not related to the recent layoffs, stating that Glenn would remain “a valuable advisor to Cylance” as they told CRN.
And if that were it, we wouldn’t have half the article we do now.
The Malware Scandal
Last November Cylance became embroiled in a major controversy. The company provided 48 sample for testing that their endpoint protection system “Protect” easily recognized as malware. A systems engineer at an unnamed large company decided to take a look at said malware, and they noticed that no other competing products were able to identify all of the samples as such and took a closer look.
It turns out that several of those samples were not malware at all, and it appeared as though they were designed to appear as such so that Protect would identify them accordingly and look superior to its competitors.
Since then Cylance has remained in a storm of controversy over product tests especially since the company had previously accused businesses of using tests that fraudulently misrepresent Cylance’s performance. “Some of these testing houses refuse to show poor efficacy results so as not to impact their bottom line, and in that refusal, perpetrate a fraud against you, the consumer of that security testing report.” According to Chad Skipper, the company’s VP Industry Relations & Product Testing, in a blog post on Cylance’s website.
Cylance responded to these false malware accusations originally by saying that the engineer who packaged the files made a mistake and that the reason why they showed up as malware is that their software is trained to look for things that appear to be malware and was trained to ID those kinds of files as such.
Yeah, nobody really believes that excuse.
Cylance notified us directly here at SnapMunk with a blog post in response to these accusations. In short, it explains that the malware used in the test was part of an experimental set and lists in great detail why they weren’t noticed as malware. It further states that Cylance is continually employing more advanced malware detection methods well apart from the status quo of testing samples, stating “We also believe it’s important to test with malware samples that no one has seen before. Choosing malware sets from public malware repositories is testing for the past, not the future.”*
Despite these issues, Cylance remains one of the top cyber security competitors in the industry, retaining numerous awards for their work including recognition as the SANS Community as Best Endpoint Protection Product of 2016. It seems these problems aren’t enough to stop Cylance’s overall growth.
*Updated (May 1st, 2017): Cylance has officially contacted SnapMunk to inform us of the 4% statistic as well as the blog post linked to in this article.