SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Cylance announces native AI platform with predictive EDR
Tue, 26th Feb 2019

Security solutions provider Cylance has announced the Cylance native AI platform, which delivers security solutions through a single agent for attack surface protection with deep learning AI algorithms.

By applying machine learning to threat detection modules, the Cylance AI platform continuously analyses changes occurring on each endpoint to uncover threats that would be difficult for a security analyst to find in real time.

When a potential threat is identified, the Cylance AI platform can take selected, decisive, automated actions to respond and thwart it.

Cylance product marketing vice president Sasi Murthy says, “Businesses using endpoint solutions with AI as an add-on feature continue to be challenged by over-alerting and the resource demands of chasing threats.

“Organisations that require round-the-clock, expert-level protection across endpoints and networks are better served by a native AI platform that increases the level of security automation across the kill chain.

“Cylance offers an open API architecture that enables organisations to combine the Cylance AI platform with their existing security environments for easy integration and streamlined data sharing across a variety of technology tools.”

The Cylance AI platform can run as a self-driving security operations centre (SOC), where a response to active threats can be initiated without human intervention.

For senior teams that want a more hands-on approach to response, Cylance delivers the critical data required to make threat response decisions in an easy-to-use interface.

The platform reduces the frequency and density of alerts and security data passed on to other controls and supports an AI-driven endpoint detection and response (EDR) solution for on-demand threat hunting and automated response capabilities.

The Cylance AI platform is a unified technology architecture built on continuous-integration-continuous-delivery (CICD) principles to deliver enterprise capabilities.

The Cylance AI platform delivers a predictive advantage against never-before-seen malware, on average 25 months before it appears online.

Cylance deployed malware conviction models in customer environments that were able to detect and block the top 10 malware attacks—including WannaCry and NotPetya—an average of two years before those attacks were first detected in the wild.

The updated AI platform is managed and deployed through a web-based console that provides access to functions that include:

  • AI-driven malware prevention

  • Device usage policy enforcement

  • Script management

  • Memory exploit prevention

  • Application control for fixed-function devices

  • Machine behaviour + threat hunting + automated responses

  • Static behaviour rule-based threat detection and response

  • Machine learning attack-tuned models

  • Root-cause analysis

  • Enterprise-wide threat hunting

  • Remote forensic investigations

  • Aggressive containment