Call for Incident Response


Blackberry Cylance

"The Cylance AI Platform prevents threats before they cause harm, eliminating the noise [...] across your organization." -

AI-powered Endpoint Detection and Response Platform

Acquired by BlackBerry, Cylance is an AI-driven endpoint detection and response (EDR) platform that allows companies to intelligently strengthen, automate, and streamline their overall endpoint security efforts 24/7/365. Able to catch and mitigate highly advanced security threats as they emerge in real-time, Cylance’s EDR capabilities allow security teams to keep critical company assets protected from modern cyber attacks with virtually no impact on endpoint performance whatsoever.

  • Quick Deployment
  • Advanced Protection
  • Lightweight Agent
  • Signature-less Security

Quick Deployment - CylancePROTECT and CylanceOPTICS can be deployed far quicker than traditional EDR solutions--allowing larger organizations to make significant upgrades to their total endpoint protection efforts in virtually no time.

Advanced Protection - Advanced AI and machine-learning capabilities catch unknown, zero-day threats and prevent malware from executing in mission-critical areas.

Lightweight Agent - Cylance’s endpoint agents are extremely lightweight and require only a tiny fraction of processing power, helping completely minimize any performance impact on the endpoint.

Signatureless Security - Rather than rely on signatures to detect threats, Cylance’s AI-driven, signatureless design allows companies to automatically catch unknown threats with minimal human effort.

Cylance Solutions Overview


Using artificial intelligence as a driving force behind its threat prevention efforts, CylancePROTECTION is an endpoint detection and response (EDR) tool that efficiently protects company endpoints from critical threats legacy EDR solutions may miss. In addition to its strong protection against known cyber threats, CylancePROTECTION also has the capability to effectively prevent highly advanced or previous unknown threats, including fileless, memory-based, and zero-day cyber attacks.

Memory Exploitation Protection
CylancePROTECT provides additional security coverage by preventing file exploitations from executing in highly vulnerable and difficult to protect areas, such as the operating system or memory layers.

Application Control
Cylance’s application control capabilities ensure fixed-function devices perform optimally and remain in an uncompromised state at all times. Security teams have the ability to lockdown devices and restrict changes to mitigate any malicious changes they may be attempted.

CylancePROTECT gives security teams complete control over where scripts are run, when, and how to greatly reduce the risk of malicious scripts being executed in a company’s network.

Device Control
System administrators can customize device policies and enforce those policies automatically. USB mass storage devices, for example, may be blocked automatically to avoid any unauthorized and/or malicious data transfers.

Management Console Reporting
Through a rich and interactive dashboard provided by Cylance, security teams can monitor device usage and security data for all their endpoints across the network in real time. Critical data from CylancePROTECT, such as total device count, active threat events, memory protection coverage, auto-quarantine coverage, and other useful information can be tracked here.


CyberOPTICS is an incident prevention EDR module that operates within the CylancePROTECT environment. Where CylancePROTECT safeguards companies against incoming cyber threats, CylanceOptics provides the data visualization, alert automation, and incident response capabilities security teams need to proactively catch and eliminate emerging cyber threats at their root.


We Employ a Tool Agnostic Approach

We work with your organization whether your are evaluating your next security technology, trying to manage a newly purchased tool or upgrading legacy systems. We can help in any of these phases and can work with whatever tool you already have in place. Our proprietary orchestration tool SHIELDVision and our Threat Intelligence Feed work in concert with all security tools on the market.