Cylance® Guard

A subscription provides everything a client needs to safeguard endpoint onboarding, configuration, monitoring, threat hunting, incident handling, and remediation. Cylance Guard teams possess the strategy, expertise, and technology needed to proactively prevent threats and contain security incidents by correlating and analyzing alert and telemetry data from across an organization’s entire digital environment. Drawing on the same expertise and methods as the Cylance Incident Response (IR) team, analysts from Cylance or one of its strategic partners, hunt through customer environments to find and contain threats, prevent major breaches, and help organizations mature their security program.

Cylance Guard consolidates alert and telemetry data from users, desktops, servers, mobile devices, and networks through its seamless integration with Cylance AI-powered solutions and third-party products. 

• Cylance Protect - Uses predictive artificial intelligence (AI) to identify and prevent malware before it can execute. It also has features for preventing script-based, fileless, memory, and external device attacks. 
• Cylance® Protect Mobile -  Extends the predictive advantage and threat prevention capabilities of Cylance AI to iOS® and Android™ systems. It secures BYOD and other mobile technology from malware, outdated/unpatched software, URL phishing/smishing attacks, and unsafe network connections. 
• Cylance Optics - Extends threat prevention beyond disrupting malicious files and scripts. Cylance Optics uses on-device mathematical threat models to perform root cause analysis, smart threat hunting, and automated detection, response, and remediation. 
• Cylance Gateway - Provides critical Zero Trust Network Access (ZTNA) services like AIempowered network threat detection, source IP pinning, full/split-tunnel capability, and app-specific access. 
• Cylance Persona - Performs continuous authentication and adaptive policy control through AI-driven analysis of user location, behavioral analytics, organizational workflow patterns, and another security telemetry. 
• Third-Party Integrations - Cylance Guard also includes pre-built integrations with data from selected third-party products, as well as service options to integrate additional tools as needed. For example, Cylance Guard analysts can further enrich and contextualize Cylance Guard threat intelligence by using Cylance AI to analyze log data aggregated by a SIEM application, or by correlating Cylance Guard alerts with alerts triggered by SIEM rulesets.

BENEFITS 

HOLISTIC TELEMETRY BEYOND THE ENDPOINT 

• Cylance Guard empowers cross-tool threat hunting by correlating integrated data from Cylance Protect, Cylance Optics, Cylance Persona, and Cylance Gateway with data from third-party vendors’ desktop, mobile, servers, users, and networks. 
• Cylance Guard analysts optimize incoming telemetry to provide high efficacy detections, correlation, and potential actions in real-time. 

AI-POWERED MOBILE DEVICE SECURITY 

• Cylance Guard leverages Cylance AI for mobile threat defense and user behavior risk analytics. This helps protect users from the explosive growth of mobile phishing, malware attacks, and insider threats. 

MITRE ATT&CK FRAMEWORK MAPPING 

• Cylance Guard threat hunters trace adversary tactics, techniques, and procedures mapped to the MITRE ATT&CK® Framework to classify threats, profile threat actors, and provide complete threat visibility. 

DEEP SECURITY AND THREAT PREVENTION EXPERTISE 

• Cylance Guard analysts are world-class security experts that function as an extension of an organization’s internal team, managing threat hunting and alert management so organizations can focus on meeting core business goals. 

AROUND THE CLOCK COVERAGE 

• Bad actors are opportunistic and don’t respect office hours. An attack may be launched at any time. Cylance Guard analysts provide 24x7x365 protection and multi-regional compliance support, monitoring environments and responding as needed. 

ERADICATE THREATS WITH ACTIONABLE THREAT INTELLIGENCE

• Cylance Guard analysts help detect, respond to, and eradicate threats by providing human context to the alerts and threat vectors gathered from monitoring, correlating, and analyzing enterprise data.