Unit 221B Report Validates Deep Instinct’s Zero-Day and False Positive Threat Prevention Accuracy

Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced validation of its threat prevention capabilities by cybersecurity firm Unit 221B. The claims were validated through tests in categories including portable, unknown, custom designed attacks, and Python executables, as well as static, dynamic, network, behavioral analysis, and signature detection.


“Unit 221B evaluated the Deep Instinct Prevention Platform to determine its prevention and mitigation benefits. We were delighted by its ease of use for both agent installation and front-end management. Our company is composed of professional skeptics and hackers that have a strong track record of bypassing security protocols and prevention systems, and we were happy to fail in this instance,” said Lance James, CEO and Founder of Unit 221B. “These real-world evaluations enhance our ability to work together to solve the most challenging problems in cybersecurity. Deep instinct was able to showcase why deep learning is a revolutionary factor for fighting and predicting the problems of tomorrow, while maturing your security posture today.”


After an in-depth analysis of the testing and accompanying results, Unit 221B found that the Deep Instinct Prevention Platform prevented all unknown and customized executables during the two-month testing period, validating the platform’s ability to successfully prevent malicious files and execution of malicious code even if the platform has never been exposed previously.


Key findings include the following:

  • 99.78% Accuracy - Deep Instinct exhibited a combined 99.78% accuracy rate for detection and prevention across unknown and custom attacks. Unit 221B tested Deep Instinct with a recommended configuration suitable for a mature customer’s hardened environment.

  • 100% of Unknown Attacks - Deep Instinct successfully prevented 100% of unknown attacks and 96.4% of Unit 221B’s customized attacks.

  • 60% Reduction - In events/alerts recorded to SIEM/EDR solutions with Deep Instinct installed compared to Microsoft Defender alone. This results in less strain on staffing and lowering of alert fatigue levels, allowing staff to be more focused on strategic and critical tasks such as patching and system hardening.

Deep Instinct was able to prevent 100% of the following zero-day and unknown threats:

  • Every unknown malicious portable executable with an authentic code-signing certificate.

  • PoshC2-generated shellcode – indicating that the shellcode product can recognize commonly generated shellcode patterns.

  • Multiple malicious document types, including Microsoft Word, Excel, and OneNote.

  • All custom malicious documents, links, HTAs, VBS, and other Active Script, PowerShell, as well as other type files created, including signed and obfuscated attacks specifically for this assessment and featured techniques commonly used to evade EDR detection.

  • All custom ransomware that used various methods of delivery. The product even displayed an ability to detect and prevent zero-day ransomware attacks.

  • Execution for every PowerShell sample tested. The tested scripts represent a varied catalog of PowerShell abuse tactics.

The Deep Instinct Prevention Platform proved to be effective in preventing several variations of malware pre-execution, while consistently preventing malicious attacks before the user knew they were being targeted. This is all done without needing to update the solution. Zero-day vulnerabilities, such as the vulnerabilities leveraged in the infamous Kaseya attack, were protected with greater than 96% accuracy, according to Unit 221B’s assessment.


“The Unit 221B results validate that a deep learning approach to cybersecurity is game changing, allowing the industry to finally get ahead of our adversaries,” said Guy Caspi, CEO of Deep Instinct. “We have grown tremendously as an organization over the past year and have seen significant success and customer traction across both our agent-based endpoint offering as well as agentless product set. Customers select Deep Instinct for our unique, pre-execution approach to stopping zero-day attacks. While most organizations focus on detection, we aim to prevent an attack before it gains access to your organizations’ infrastructure because, in many cases, detection is too little too late. I’m grateful for the team at Unit 221B for working on this evaluation.”


For full results and more information about Unit 221B’s product assessment of the Deep Instinct Prevention Platform, please visit: https://www.deepinstinct.com/pdf/unit-221b-deep-instinct-product-assessment.


###