Skip Navigation
BlackBerry Blog

The Intelligent Choice for Cybersecurity

/ 01.17.17 / The Cylance Team

How Cylance Is Redefining an Industry with Artificial Intelligence


The cybersecurity market continues to experience explosive growth as companies seek better solutions to protect critical systems and data, struggle to fill nearly a million open job positions worldwide, and enhance their overall risk management posture.

The continued growth stems from the reality that IT executives and SecOps staff face increased threats from evolving attack sophistication, and a mandate to ensure the organization is protected against compromise and the exfiltration, manipulation, or destruction of data. Moreover, the risk from these threats has grown exponentially as the modern world goes digital. 

Thankfully, there is Cylance, with its artificial intelligence (AI) and machine learning (ML) based software and services, which is transforming the security industry. How? The application of AI to cybersecurity issues is a complete paradigm shift, redefining successful security as being predictive, preventative, pre-execution protection. Instead of spending money on recovering lost or stolen data, or siphoning off money to pay ransom and extortion, you prevent attacks before they ever start.

The key differentiator between Cylance and legacy antivirus, including companies now claiming to employ some form of machine learning, lies in Cylance's application of artificial intelligence, which uses mathematic algorithms to accurately and autonomously predict which files are benign and which are malicious. The Cylance solution then prevents the malicious code from executing on the targeted system.

By comparison, the endpoint protection model of reacting to what has already been seen, experienced, or known, is limiting. Because of all the known ‘unknowns,’ many companies both large and small have acquiesced when it comes to trying to prevent attacks. The reactive procedure is also prone to human error, and can take from days to weeks between detection and a new signature, allowing a threat to propagate and cause damage before it is stopped.

The present cybersecurity mindset assumes some degree of breach will always occur, and thus, there will always be a need to for post-execution incident response.

For more than a decade, the endpoint security industry has fostered this approach and created cybertech bloat for users. Entire departments, budgets, and careers are built around ineffective, outmoded strategies that yield poor results.

Since the dawn of the first computer virus decades ago, cybersecurity operated in a breach and respond, detect and react business model. Vendors supplied tiered security with interconnected solutions meant to protect users, networks, data centers, and cloud resources. Multiple dashboards, products, and infrastructure were required. Layers of technology are purchased and cobbled together in the hopes of building some semblance of protection, resulting in a tremendous amount of shelf-ware being purchased, some of which won’t necessarily even be used.

Products from legacy vendors require signatures to be generated and updated on a regular basis to provide protection. This type of endpoint protection requires regular maintenance and updating, including the need to check hash values. And yet, even with the multi-layered, continuous update approach, security is ineffective against targeted attacks where samples that strike a customer have never been seen before. In addition, a signature-based approach presents problems for scalability. When there were ten new signatures a day, legacy antivirus was less cumbersome. Now that it’s a thousand or even a million a day, it doesn’t work because it doesn’t scale.

The core problem is that legacy antivirus solutions require at least one successful attack. This deficiency has never been addressed and tackled with sophisticated, unique, pioneering problem solving, until now.

Look Beyond the Buzzwords

Today many organizations claim to have developed or embedded machine learning into their product line. But these proclamations don’t hold up to scrutiny for many reasons.

Most companies don’t have a large data sample, their algorithms are too imprecise, or they cannot evaluate files at their most precise, granular levels. In addition, they don’t have the years of experience to train their model properly.

Even worse, many vendors tout machine learning, but the capabilities employed are merely more signatures derived in the form of ‘exceptions’ applied to what are called ‘generics.’ In the end, their solutions still need humans to do the analysis and write the exceptions — and that means creating a signature.

Using the universal laws of mathematics, Cylance delivers organizations of all sizes the ability to predict, prevent, and protect before malicious files execute. The result has been a groundswell of people embracing the new way of predictive, preventative protection.

What’s made Cylance successful is the explosion of available data, the low cost of computing power, and development of advanced math models. Cylance uses sophisticated algorithms or math models to detect patterns. The models are continually refined. By using Cylance AI, organizations can make better decisions at a speed and scale that surpass human capabilities. The AI protects endpoints automatically, at blazing speeds, by analyzing code and file characteristics, not file behavior. This is a boon for IT departments. More attacks are blocked and manual processes and redundant resources are eliminated at the same time. System performance and workflows are streamlined.

A Brand Apart

Cylance AI brings the future of cybersecurity to the present.

Cylance works without adding layers such as application control, host IPS, detect and response (EDR), URL filtering, or device control. It helps organizations achieve optimum efficacy rates without flimsy antivirus features like signatures, blacklisting, sandboxing, and isolation. Cylance achieves a superior rate of efficacy, preventing 99% of attacks before they even execute.

Perhaps most important, Cylance AI stops never-before-seen, never-experienced, never-known malicious files. This is big. It’s worth repeating. Cylance AI, with its machine learning math models, stops unknown threats, including exploits yet to be developed or detected.

Machine learning solutions touted by other companies, when you carefully evaluate, fall short for many reasons:

   They require a first breach and/or victim
   They do not use an extensive, gradient math model
   They only use hundreds, not millions, of file features
   They require Internet cloud connectivity

Cylance AI delivers value. Organizations have a reduced footprint with a single management console for prediction, prevention, and analysis. Its predictive analysis gives people a new level of attack prevention without signatures or manual behavioral analysis. The security alarm “silence” provided by not taxing the processor with deep scans results in less than 1% of PC processing power being used.

Cylance works seamlessly with existing security software or as a stand-alone endpoint protection solution. With Cylance, you don’t need Internet connectivity, cloud-capabilities, or daily scans.

Cylance makes antivirus, sandboxing, isolation, and detect and response tools obsolete. Its radically new way of securing has successfully protected millions of endpoints around the globe. It’s simple. Cylance prediction and prevention work. Executives and IT staff no longer have to imagine the possibilities. They just need to embrace them.

Want to learn more? Read the white paper.

The Cylance Team

About The Cylance Team

Our mission: to protect every computer, user, and thing under the sun.

Cylance’s mission is to protect every computer, user, and thing under the sun. That's why we offer a variety of great tools and resources to help you make better-informed security decisions.