Cylance Unveils Native AI Platform with Predictive EDR

Cylance is pleased to announce the Cylance native AI platform, which delivers a full suite of security solutions through a single, agile agent for comprehensive attack surface protection with deep-learning Al algorithms to support automated threat detection, prevention, forensic investigation, and response capabilities to customers worldwide.

Now that Cylance has successfully applied AI to prevent attacks from executing at the endpoint, it has advanced to another innovative use of native AI: to detect and respond to threats. By applying sophisticated machine learning to threat-detection modules, the Cylance AI platform continuously analyzes changes occurring on each endpoint to uncover threats that would be difficult, if not impossible, for a security analyst to find in real time.

When a potential threat is identified, the Cylance AI platform can take selected, decisive, automated actions to respond and thwart it.

“Businesses using endpoint solutions with AI as an add-on feature continue to be challenged by over-alerting and the resource demands of chasing threats,” said Sasi Murthy, Vice President of Product Marketing at Cylance.

“Organizations that require round-the-clock, expert-level protection across endpoints and networks are better served by a native AI platform that increases the level of security automation across the kill chain. Cylance offers an open API architecture that enables organizations to combine the Cylance AI platform with their existing security environments for easy integration and streamlined data sharing across a variety of technology tools. The result? Enterprise best-of-breed deployments and a stronger return on existing investments.”

The Cylance AI platform can run as a self-driving security operations center (SOC), where response-to-active threats can be initiated without human intervention. For senior teams that want a more hands-on approach to response, Cylance delivers the critical data required to make response decisions in a powerful, easy-to-use interface. The platform reduces the frequency and density of alerts and security data passed on to other controls and supports the industry’s first AI-driven endpoint detection and response (EDR) solution for on-demand threat hunting and automated response capabilities.

“As a healthcare company, keeping our endpoints secure can quite literally be the difference between life and death,” said Jerry Sto. Tomas, Chief Information Security Officer at Apria Healthcare. “Keeping all of our devices online and shielded from threats is critical to patient safety as well as business operations. Cylance offers a robust, lightweight model that integrates easily into our technology stack and provides predictive detection and threat mitigation capabilities that free up my team for more advanced work.”

The Cylance AI platform is a unified technology architecture built on continuous-integration-continuous-delivery (CICD) principles to deliver enterprise capabilities at high velocity, in keeping with fast evolving market needs. Importantly, the Cylance AI platform delivers a predictive advantage against never-before-seen malware on average of 25 months before it appears online. 

Cylance deployed malware conviction models in customer environments that were able to detect and block the top 10 malware attacks—including WannaCry and NotPetya—on average two years before those attacks were first detected in the wild. This proven over-the-horizon prevention capability against known and unknown malware is the predictive advantage that only a native AI solution, like the one delivered with the Cylance agile agent, can provide.

All Cylance offerings can now be installed with a single executable. Current customers have the option to enable Cylance’s full range of AI-based prevention and EDR functionality simply by purchasing and activating licenses. The updated AI platform is managed and deployed through a completely redesigned web-based console that provides access to the full range of platform functions that include:

  • AI-driven malware prevention
  • Device usage policy enforcement
  • Script management
  • Memory exploit prevention
  • Application control for fixed-function devices
  • Machine behavior + threat hunting + automated responses
  • Static behavior rule-based threat detection and response
  • Machine learning attack-tuned models
  • Root-cause analysis
  • Enterprise-wide threat hunting
  • Remote forensic investigations
  • Aggressive containment

Cylance has built the largest AI platform in the industry, enabling it to offer a portfolio of solutions ranging from enterprise endpoint protection, detection, and response, to Smart Antivirus for consumers, to OEM solutions. The lightweight Cylance agent offers high performance and resiliency and requires only minimal updates to its multigenerational AI model, providing powerful data science capabilities using deep learning algorithms designed to protect against future threat variants.

To learn more about Cylance and the full promise of AI to prevent against future threats, visit Cylance at RSA to speak to our experts. We’ll be in the North Hall of the Moscone Center at booth #6145 from March 4th-7th, 2019.