sb-eu logo
Story image

Cylance announces native AI platform with predictive EDR

26 Feb 2019

Security solutions provider Cylance has announced the Cylance native AI platform, which delivers security solutions through a single agent for attack surface protection with deep learning Al algorithms.

By applying machine learning to threat detection modules, the Cylance AI platform continuously analyses changes occurring on each endpoint to uncover threats that would be difficult for a security analyst to find in real time.

When a potential threat is identified, the Cylance AI platform can take selected, decisive, automated actions to respond and thwart it.

Cylance product marketing vice president Sasi Murthy says, “Businesses using endpoint solutions with AI as an add-on feature continue to be challenged by over-alerting and the resource demands of chasing threats.”

“Organisations that require round-the-clock, expert-level protection across endpoints and networks are better served by a native AI platform that increases the level of security automation across the kill chain.

“Cylance offers an open API architecture that enables organisations to combine the Cylance AI platform with their existing security environments for easy integration and streamlined data sharing across a variety of technology tools.”

The Cylance AI platform can run as a self-driving security operations centre (SOC), where a response to active threats can be initiated without human intervention.

For senior teams that want a more hands-on approach to response, Cylance delivers the critical data required to make threat response decisions in an easy-to-use interface.

The platform reduces the frequency and density of alerts and security data passed on to other controls and supports an AI-driven endpoint detection and response (EDR) solution for on-demand threat hunting and automated response capabilities.

The Cylance AI platform is a unified technology architecture built on continuous-integration-continuous-delivery (CICD) principles to deliver enterprise capabilities.

The Cylance AI platform delivers a predictive advantage against never-before-seen malware on an average of 25 months before it appears online.  

Cylance deployed malware conviction models in customer environments that were able to detect and block the top 10 malware attacks—including WannaCry and NotPetya—on average of two years before those attacks were first detected in the wild.  

The updated AI platform is managed and deployed through a web-based console that provides access to functions that include:

  • AI-driven malware prevention

  • Device usage policy enforcement

  • Script management

  • Memory exploit prevention

  • Application control for fixed-function devices

  • Machine behaviour + threat hunting + automated responses

  • Static behaviour rule-based threat detection and response

  • Machine learning attack-tuned models

  • Root-cause analysis

  • Enterprise-wide threat hunting

  • Remote forensic investigations

  • Aggressive containment

Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
Bitglass receives US patent for SAML technology
Bitglass designed its SAML relay to allow a cloud access security broker (CASB) to be inserted into the traffic flow between users and cloud services during the login process.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More