AI-powered Endpoint Detection and Response Platform
Acquired by BlackBerry, Cylance is an AI-driven endpoint detection and response (EDR) platform that allows companies to intelligently strengthen, automate, and streamline their overall endpoint security efforts. The software allows security teams to catch and mitigate sophisticated security threats in real time.
CylancePROTECT and CylanceOPTICS are deployed faster than traditional EDR solutions, allowing larger organizations to make significant upgrades to their total endpoint protection efforts in a shorter amount of time.
Advanced AI and machine-learning capabilities catch unknown, zero-day threats, and prevent malware from executing in mission-critical areas.
Cylance’s endpoint agents are incredibly lightweight and require only a tiny fraction of processing power, helping minimize any performance impact on the endpoint.
Rather than relying on signatures to detect threats, Cylance’s AI-driven, signatureless design allows companies to catch unknown threats with minimal human effort.
Cylance Solutions Overview
Using artificial intelligence as a driving force behind its threat prevention efforts, CylancePROTECT is an endpoint detection and response (EDR) tool that efficiently protects company endpoints from critical threats that legacy EDR solutions may miss. In addition to its strong protection against known cyber threats, CylancePROTECT can effectively prevent highly advanced or previously unknown threats, including fileless, memory-based, and zero-day cyber attacks.
- AI-driven malware protection
- Zero-day threat prevention
- Low performance impact on endpoint
- Application control and device policy enforcement
- Memory exploitation detection and prevention
Memory Exploitation Protection
CylancePROTECT provides additional security coverage by preventing file exploitations from executing in highly vulnerable and challenging areas, such as the operating system or memory layers.
Cylance’s application control capabilities ensure fixed-function devices perform optimally and remain uncompromised at all times. Security teams have the ability to lock down devices and restrict changes to mitigate any malicious changes that may be attempted.
CylancePROTECT gives security teams complete control over where, when, and how scripts are run, greatly reducing the risk of malicious scripts being executed in a company’s network.
System administrators can customize device policies and enforce those policies automatically. USB mass storage devices, for example, can be blocked automatically to avoid any unauthorized and/or malicious data transfers.
Management Console Reporting
Through a rich and interactive dashboard provided by Cylance, security teams can monitor device usage and security data for all their endpoints across the network in real time. Critical data from CylancePROTECT, such as total device count, active threat events, memory protection coverage, auto-quarantine coverage, and other useful information, can be tracked here.
CylanceOPTICS is an incident prevention EDR module that operates within the CylancePROTECT environment. CylanceOPTICS provides the data visualization, alert automation, and incident response capabilities security teams need to proactively catch and eliminate emerging cyber threats.
- Rapid installation and deployment
- Zero-latency threat detection
- Automated threat detection and prevention
- Remote forensic data collection
- Syslog integration