Cylance is continuing its journey into AI threat protection, and this time the offline world is its focus. The company has officially launched CylanceOPTICS, part of the CylancePROTECT suite.
The new offering is delivered through the company's AI platform and is able to conduct threat hunting and attack analysis without cloud connectivity, which means it's just as effective on air-gapped networks as connected ones.
Not all threats are delivered through the internet. Cylance co-founder and CEO Stuart McClure says that the integration changes the operating model of endpoint security.
"Security teams can now focus their efforts on finding advanced threats that cannot be prevented pre-execution. Our focus continues to be on AI-based threat prevention, but now we are enabling easy threat hunting, attack analysis and incident response with CylanceOPTICS," he explains.
According to Cylance, the technology is able to use local data for search and collection of forensically relevant data. This means there's no continuous data streaming to the cloud.
Security experts are able to dissect any blocked attack, file of interest, executable or other indicator of compromise to see where the threat comes from. They can then use the information to close other gaps in their security infrastructure.
Doug Cahill, Enterprise Strategy Group's senior analyst of cybersecurity, says that enterprises need to streamline threat hunting and incident response.
“With the explosive rate of malware growth and other threat vectors, an AI-based solution that automates time-consuming parts of the threat hunting and incident response workflow is important,” he adds.
CylanceOPTICS is available worldwide through authorised Cylance channel partners.