Cylance Announces Native AI Platform with Predictive EDR and 24x7 Prevention Services
Cylance, the leading provider of AI-driven, prevention-first security solutions, has this week announced the Cylance native AI platform, which delivers a full suite of security solutions through a single, agile agent for comprehensive attack surface protection with deep-learning Al algorithms in its DNA to support automated threat detection, prevention, forensic investigation, and response capabilities to customers worldwide.
Now that Cylance has successfully applied AI to prevent attacks from executing at the endpoint, it has advanced to another innovative use of native AI: to detect and respond to threats. By applying sophisticated machine learning to threat-detection modules, the Cylance AI platform continuously analyzes changes occurring on each endpoint to uncover threats that would be difficult, if not impossible, for a security analyst to find in real time. When a potential threat is identified, the Cylance AI platform can take selected, decisive, automated actions to respond and thwart it.
“Businesses using endpoint solutions with AI as an add-on feature continue to be challenged by over-alerting and the resource demands of chasing threats,” said Sasi Murthy, vice president of product marketing at Cylance. “Organizations that require round-the-clock, expert-level protection across endpoints and networks are better served by a native AI platform that increases the level of security automation across the kill chain. Cylance offers an open API architecture that enables organizations to combine the Cylance AI platform with their existing security environments for easy integration and streamlined data sharing across a variety of technology tools. The result? Enterprise best-of-breed deployments and a stronger return on existing investments.”
The Cylance AI platform can run as a self-driving security operations center (SOC), where response-to-active threats can be initiated without human intervention. For senior teams that want a more hands-on approach to response, Cylance delivers the critical data required to make response decisions in a powerful, easy-to-use interface. The platform reduces the frequency and density of alerts and security data passed on to other controls and supports the industry’s first AI-driven endpoint detection and response (EDR) solution for on-demand threat hunting and automated response capabilities.
“As a healthcare company, keeping our endpoints secure can quite literally be the difference between life and death,” said Jerry Sto. Tomas, chief information security officer at Apria Healthcare. “Keeping all of our devices online and shielded from threats is critical to patient safety as well as business operations. Cylance offers a robust, lightweight model that integrates easily into our technology stack and provides predictive detection and threat mitigation capabilities that free up my team for more advanced work.”
The Cylance AI platform is a unified technology architecture built on continuous-integration-continuous-delivery (CICD) principles to deliver enterprise capabilities at high velocity, in keeping with fast evolving market needs. Importantly, the Cylance AI platform delivers a predictive advantage against never-before-seen malware on average of 25 months before it appears online. Cylance deployed malware conviction models in customer environments that were able to detect and block the top 10 malware attacks—including WannaCry and NotPetya—on average of two years before those attacks were first detected in the wild. This proven over-the-horizon prevention capability against known and unknown malware is the predictive advantage that only a native AI solution, like the one delivered with the Cylance agile agent can provide.
All Cylance offerings can now be installed with a single executable. Current customers have the option to enable Cylance’s full range of AI-based prevention and EDR functionality simply by purchasing and activating licenses. The updated AI platform is managed and deployed through a completely redesigned web-based console that provides access to the full range of platform functions that include:
- AI-driven malware prevention
- Device usage policy enforcement
- Script management
- Memory exploit prevention
- Application control for fixed-function devices
- Machine behavior + threat hunting + automated responses
- Static behavior rule-based threat detection and response
- Machine learning attack-tuned models
- Root-cause analysis
- Enterprisewide threat hunting
- Remote forensic investigations
- Aggressive containment
Cylance has built the largest AI platform in the industry, enabling it to offer a portfolio of solutions ranging from enterprise endpoint protection, detection, and response, to Smart Antivirus for consumers, to OEM solutions. The lightweight Cylance agent offers high performance and resiliency and requires only minimal updates to its multigenerational AI model, providing powerful data science capabilities using deep learning algorithms designed to protect against future threat variants.
Industry: Cyber Security & Artificial Intelligence News
- Head of CSOC (Cyber Security Operations Centre), London. Greenfield opportunity
CH7928 Identifier Project Head of CSOC (Cyber Security Operations Centre), London. Greenfield UNIQUE opportunity to establish, manage and grow a world class CSOC. Headquartered in the UK, the CSOC will grow and deliver cyber services into an international and underdeveloped market. As a greenfield site the Head of CSOC will be the first person on the ground to build a capability and team around them. The role will include, but not be limited to; Setting up and establishing a CSOC monitoring service using IBM QRadar and Palo Alto CORTEX XSOAR. Develop roadmap for future CSOC capabilities. Establish, develop processes, playbooks and use cases. Recruit, Build and train a specialist team. Build relationships with key clients- onboard and scale. The successful candidate must have experience working within / leading a technical Cyber Security monitoring capability. Technical experience working with IBM QRadar and Palo Alto CORTEX XSOAR will be highly beneficial, although other SIEM / Security Orchestration, Automation and Response tools are welcome as the skillset is transferable. This brings significant opportunity and welcomes creativity / best practice. Frequent travel to London office will be required. Chris.firstname.lastname@example.org 07884666351
- Aruba Data Centre Network Engineer
- Upto £500 a day
**Outside of IR35 contract** Aruba Data Centre Network engineer is required to start ASAP. You will be responsible for Data Center and Campus Network - Design and implementation of Aruba CX Switches, We are looking for an experienced data centre engineer who is happy to work remotely and autonomously Experience you will need to have, Solid Networking experience with good knowledge of -Routing & Switching - MP-BGP EVPN VXLAN, MPLS/VPLS, EIGRP, BGP, OSPF and Multicast, Experience with Aruba switches ideally the CX range Ideally SC cleared or able to become SC Cleared. This will be a 3 month rolling contract
- Network Engineer-
- 65000 plus bonus
An exciting opportunity has arisen with a global financal business that are looking for an experienced Network engineer with strong Firewall experience in particular Checkpoint You will be responsible for help to support and manage the network infrastructure both LAN/ WAN And VPNs and will have a focus on network secuirty (Checkpoint firewall and Security controls) This is a multi-Site environment with few thousand end users, As the business is growing so is the network so great opportunity to join an expanding business that will help cross-train you in both cloud and onsite solutions. They are looking for a strong network engineer with a mix of expereience o Experience with Azure networking managing VNETs, ExpressRoute, VPNs and other Azure network features such as NSG/MS loadbalancer is required. Working with Check Point firewalls in Azure is desirable. o In-Depth understanding of networking fundamentals including: Network topology, Data Centre Infrastructure systems, Layer 2/Layer 3 Switching, VLANs, Routing, VPNs, High availability protocols. o Demonstrable hands-on experience with Meraki Switches and wireless infrastructure, Arista software, Forcepoint Proxy (would be a strongly desirable), Citrix Netscaler, and Forescout CounterACT Location can be flexible, they are looking for someone who would be happy to do a hybrid working model 3 days at home 2 days in the office.
- Technical Cyber Trainer, United Kingdom
Technical Cyber Trainer, United Kingdom Cyber trainer needed to build a new cyber training capability to develop a team of international security analysts. Technical Cyber training experience is a MUST. Any experience delivering technical Blue team based training is highly desired. This is a UK based role. Able to travel to London on occasion- when required. Agile, flexible working. A technical background is highly desirable and prefered. The role Aid in the setup, fine tuning and on-going customisation of Technical Cyber Security’s training platform. CyberBit experience desirable. Design, develop and deliver the internal syllabus to train employees with low cybersecurity knowledge to become analysts. Manage, monitor, support and assess learners. Fine tuning training and bespoke development. Manage, monitor and assess SOC analysts. Support employees through their career. The ability to deliver remote training is essential. This is a UK based role. Able to travel to London on occasion- when required. Agile working. Apply today to find out more information. Chris.Holt@dclsearch.com +447884666351