sb-as logo
Story image

Cylance announces native AI platform with predictive EDR

26 Feb 2019

Security solutions provider Cylance has announced the Cylance native AI platform, which delivers security solutions through a single agent for attack surface protection with deep learning Al algorithms.

By applying machine learning to threat detection modules, the Cylance AI platform continuously analyses changes occurring on each endpoint to uncover threats that would be difficult for a security analyst to find in real time.

When a potential threat is identified, the Cylance AI platform can take selected, decisive, automated actions to respond and thwart it.

Cylance product marketing vice president Sasi Murthy says, “Businesses using endpoint solutions with AI as an add-on feature continue to be challenged by over-alerting and the resource demands of chasing threats.”

“Organisations that require round-the-clock, expert-level protection across endpoints and networks are better served by a native AI platform that increases the level of security automation across the kill chain.

“Cylance offers an open API architecture that enables organisations to combine the Cylance AI platform with their existing security environments for easy integration and streamlined data sharing across a variety of technology tools.”

The Cylance AI platform can run as a self-driving security operations centre (SOC), where a response to active threats can be initiated without human intervention.

For senior teams that want a more hands-on approach to response, Cylance delivers the critical data required to make threat response decisions in an easy-to-use interface.

The platform reduces the frequency and density of alerts and security data passed on to other controls and supports an AI-driven endpoint detection and response (EDR) solution for on-demand threat hunting and automated response capabilities.

The Cylance AI platform is a unified technology architecture built on continuous-integration-continuous-delivery (CICD) principles to deliver enterprise capabilities.

The Cylance AI platform delivers a predictive advantage against never-before-seen malware on an average of 25 months before it appears online.  

Cylance deployed malware conviction models in customer environments that were able to detect and block the top 10 malware attacks—including WannaCry and NotPetya—on average of two years before those attacks were first detected in the wild.  

The updated AI platform is managed and deployed through a web-based console that provides access to functions that include:

  • AI-driven malware prevention

  • Device usage policy enforcement

  • Script management

  • Memory exploit prevention

  • Application control for fixed-function devices

  • Machine behaviour + threat hunting + automated responses

  • Static behaviour rule-based threat detection and response

  • Machine learning attack-tuned models

  • Root-cause analysis

  • Enterprise-wide threat hunting

  • Remote forensic investigations

  • Aggressive containment

Story image
Protegrity rolls out updates to data protection platform
Protegrity has updated its Protegrity Data Protection Platform to better secure sensitive data in hybrid-cloud, multi-cloud and SaaS environments.More
Story image
Nokia: Cyber attacks on internet-connected devices on the rise
Cyberattacks on internet-connected devices continue to rise at an alarming rate due to poor security protections.More
Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More
Story image
Why organisations should wise up to the DDoS extortion trend
While it is essential to have a DDoS mitigation solution in place, it’s also important to test that it works as expected, writes NCC Group director of technical security consulting for Asia Pacific Tim Dillon.More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
The rising threat of human-controlled ransomware
Until recently, most ransomware attacks have been automated affairs. But things are changing, writes Attivo Networks regional director for A/NZ Jim Cook.More