BLACKBERRY CYLANCE
Can AI effectively protect your endpoints from malware?
11 July 2019
AI is a formidable weapon against even the most advanced malware
The latest artificial intelligence (AI) can be used to automatically detect and resolve potential malware or cyber-threat incidents. What’s more, it all happens without human intervention. So, in terms of protecting your mobile devices and endpoints, AI is a formidable weapon against even the most advanced malware.
In the new era of mass-manufactured malware, a traditional antivirus (AV) approach to protecting your mobile endpoints isn’t enough. In other words, signature-based AV alone is insufficient to protect your mobile devices and your data.
Next-generation EDR solutions
The next generation endpoint detection and response (EDR) solutions focus on prevention rather than detection. This means eliminating the risk of malicious activity executing on the endpoint completely (proactive), as opposed to trying to quickly detect an attack after it has happened (reactive).
This new approach doesn’t use human-created file signatures at all. Instead, it uses AI based on machine learning to automatically distinguish good (benign) files or activity from bad (malicious) files or activity based on mathematical risk factors. Once this good/bad classification is made, it’s possible for a machine to decide what to do with these files in real time.
Cylance provides a proactive way to protect your business. Their prevention-first model is powered by AI and requires no human interaction whatsoever.
Cylance by numbers
25 months
Cylance predicts threats up to 25 months before they’re found in the real world
30,000
One customer saw their endpoint threat detection number drop from 30,000 to under 10 a day
0.000314%
The false positive rate is 0.000314%, which is one of the market’s lowest
100%
It’s 100% SaaS and takes just a few minutes to install remotely (there’s also an on-prem option)
4,000
Cylance products are already being used by more than 4,000 customers
Zero
This technology doesn’t depend on the cloud so it can prevent unknown cyberattacks with zero connectivity.
Prevention-first
Cylance doesn’t rely on signatures. It uses advanced mathematical science and AI to identify the difference between good and bad files, which is a much more efficient way to prevent incidents and protect endpoints.
Put simply, Cylance will stop stuff that you’ve never heard of or seen before.
More efficient protection
With the traditional endpoint detect and response (EDR) model, the idea is to capture every event on the endpoint. This gives you a trail of information that can be meticulously investigated to find out exactly what happened.
In a prevention-first system like Cylance, there’s no need to hang onto every single piece of data. Cylance only grabs artefacts that relate to the protect event, making it much more efficient.
This means any data collected is much more relevant and this also reduces cost and time, especially when it comes to searching through the data to find a resolution to any threats identified.
