
What does Cylance do?

Published in Endpoint Cybersecurity

Cylance, now a part of BlackBerry, primarily focuses on providing proactive cybersecurity solutions by leveraging artificial intelligence (AI) and machine learning (ML) to prevent advanced threats before they can execute. Its core offering, known as Cylance Protect, is designed to safeguard endpoints by identifying and quarantining malicious files and processes.

How Cylance Protects Digital Assets

Cylance Protect operates as an advanced threat prevention program that distinguishes itself from traditional antivirus software through its predictive capabilities. Instead of relying solely on signature databases of known threats, it analyzes the characteristics of files and running processes to determine if they pose a risk.

Here's a breakdown of its core functions:

  • Threat Prevention: Cylance Protect utilizes sophisticated machine learning algorithms to categorize files and running processes. This allows it to predict and prevent various forms of malware, including ransomware, zero-day attacks, and fileless threats, even before they are widely known or have a signature.
  • Artificial Intelligence at the Core: Unlike conventional antivirus solutions that often react to an attack after it begins, Cylance's AI models are trained on billions of threat characteristics. This enables the software to make rapid, on-device decisions about potential threats without needing constant cloud connectivity for every assessment.
  • File and Process Categorization: The system meticulously examines the attributes of executable files, scripts, and other data, categorizing them based on their potential behavior. If a file or process exhibits characteristics indicative of malicious intent or abnormality, it is flagged immediately.
  • Quarantine of Unsafe Elements: Any files or processes that are deemed unsafe or abnormal by the AI are automatically quarantined. This action isolates the suspicious content, preventing it from executing, spreading, or causing damage to the system.
  • Low System Impact: Due to its pre-execution prevention model and reliance on on-device AI, Cylance solutions are known for their minimal impact on system performance compared to resource-intensive signature-based scanning used by older technologies.

Key Benefits of Cylance's Approach

Cylance's unique approach to endpoint security offers several advantages for individuals and organizations seeking robust protection:

  • Proactive Defense: It shifts security from reactive detection and remediation to proactive prevention, aiming to stop threats before they can cause harm.
  • Reduced Reliance on Signatures: By employing AI, it can identify novel and emerging threats that traditional signature-based antivirus solutions might miss.
  • Offline Protection: The AI model operates directly on the device, providing continuous protection even when the endpoint is offline or disconnected from the internet.
  • Simplified Management: Its automated prevention capabilities can reduce the need for constant signature updates and extensive manual intervention by IT security teams.

Practical Applications

Cylance's technology is vital for protecting various digital environments, from individual computers to large enterprise networks. It helps secure:

  • Corporate Endpoints: Laptops, desktops, and servers used by employees across an organization.
  • Mobile Devices: While Cylance Protect specifically targets traditional endpoints, the broader BlackBerry security portfolio includes solutions for mobile platforms.
  • Internet of Things (IoT) Devices: As part of BlackBerry's overarching IoT security initiatives, the AI-driven prevention methods can extend to a wider range of connected devices.

By integrating machine learning and artificial intelligence, Cylance aims to provide robust, predictive security that continuously adapts to the evolving threat landscape.

| Feature Aspect | Traditional Antivirus | Cylance Protect (AI/ML-based) |
|---|---|---|
| Detection Method | Signature-based, heuristic analysis | Machine learning & AI predictive analysis |
| Protection Focus | Reactive (detect & remediate known threats) | Proactive (prevent unknown & known threats pre-execution) |
| Reliance on Updates | High (constant signature updates needed) | Low (AI model trained on billions of attributes) |
| Performance Impact | Can be high during scans | Generally low due to pre-execution analysis |
| Zero-Day Threats | Limited effectiveness | High effectiveness due to predictive analysis |