Page 10 - BlackberryCylance
CylanceOPTICS™
Endpoint Detection and Response Designed for CylancePROTECT® Endpoints

Features
• Root Cause Analysis: Web-based, on-demand, root cause analysis of attacks blocked by
  CylancePROTECT
• Smart Threat Hunting with InstaQuery: Search endpoint data instantly for potential
  threats hiding on endpoints
• Dynamic Threat Detection and Alerting: Instant notification when suspicious activity is
  detected on any endpoint
• Automated Incident Response: Customize automated response actions associated with rule
  sets to eliminate the dwell time between threat detection and incident response action
• Built for Scale: High performance architecture built for scalability

The Endpoint Security Challenge
Endpoint security teams are inundated with data from the security products deployed
across their network. Due to the need to maintain business continuity above all else,
however, these teams have little time to perform any proactive threat hunting or
strategic security improvements, leaving critical threats unidentified and their business
at risk.

Compounded by the scarcity of skilled security resources, organizations rely on security
tools to provide them the insights they need to identify, detect, and respond to security
incidents. Unfortunately, many of these tools are not equipped to handle today’s threats.

A New Approach To Endpoint Detection and Response
CylanceOPTICS, part of the prevention-first Cylance Security Platform, is an artificial
intelligence (AI) driven endpoint detection and response (EDR) solution designed to
extend the prevention delivered by CylancePROTECT through root cause analysis,
scalable threat hunting, and automated threat detection and response without
increasing costs or security team workloads.

Unlike other EDR products that require significant investment in on-premises
infrastructure or force an organization to stream data continuously to a cloud
environment for storage and analysis, CylanceOPTICS runs on the endpoint, storing data
locally and eliminating the need for additional hardware or the cost and risk associated
with streaming data to the cloud.

CylanceOPTICS allows security professionals to dissect any attack detected and
blocked by CylancePROTECT to determine root cause and improve their overall security
framework with ease. Additionally, CylanceOPTICS provides a streamlined threat
hunting capability, which makes it easy for any user to gain situational awareness
across the enterprise.

Security professionals can use CylanceOPTICS to perform on-demand enterprise-wide
threat hunts, searching for files, executables, and indicators of compromise, to quickly
determine if any endpoint is at risk, minimizing available attack and dwell time to reduce
the attack surface and increase incident response speed.

Built-in automated threat detection and response capabilities automatically detect
suspicious behaviors and other indicators of advanced threats on endpoints, and can
initiate specific response actions without any human intervention. This means the
business remains secure 24x7 without disrupting your security team.

Effective Threat Detection Starts with Superior Threat Prevention
While 100% detection and prevention of all threats is not possible, it is important
that organizations begin their path to total endpoint security with a strong prevention
strategy. By doing all they reasonably can to prevent threats from impacting their
business, organizations can then turn their attention to layering on technology and
processes aimed at detecting and responding to the hard-to-prevent threats targeting
their business.