BlackBerry Cylance Cybersecurity Reviews

I direct our design and engineering teams, and we craft solutions for on-premises or autonomous networks in the industrial industry, such as oil and gas, water, and manufacturing.

We use this solution as a layered defense for the defense strategy for our on-premises clients. An attractive thing about this solution is that it uses AI official algorithms to not only discover known stuff but also to discover anomalous behavior and things that are out of the ordinary. It is not just signature-based; it is an algorithm or AI and machine learning.

From an administrative overhead point of view, there is a 75% reduction in administrating the solution.

The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate.

In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it.

It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus.

I have been using this solution for about a year and a half.

It has been rock solid. We haven't had any hiccups in terms of compatibilities and server uptime. Everything, such as application and reliability, is there. It is very strong.

It scales extremely well. We're on the low end of the quantity, but it scales up into tens of thousands very easily.

We have the ability to go right into critical because of our partnership level with them. Their support has been exemplary.

The initial setup is pretty straightforward. Our guys are trained up in it. 

They like to see licensing at a higher level. That's not the norm for on-premises economist environments in the industrial industry. If you're an integrator versus an end user, they like to look at the quantity. Even though they like to start at quantities less than a thousand, it is cumulative. I've got a thousand clients at a hundred, so now I've got a 100,000. Therefore, don't let the scalability, where they like to play in tens of thousands, dissuade you from incorporating this product.

It is quite different from the standard signature-based approach to endpoint protection. At first, you're a little worried because you're so used to staying on top of it or having to stay on top of it versus building a level of trust that it is actually working, and I don't need to mother it.

I would rate CylancePROTECT a nine out of ten. I'll never give anybody a ten because that's a perfect world, and we don't live in a perfect world. This rating is based on my experience with Cylance from the onset, learning the product, working with it to roll it out, working independently, and interfacing with the client. It has been very outstanding.

Our clients use CylancePROTECT for endpoint detection and antivirus.

The most valuable feature of CylancePROTECT is the support.

The solution’s user interface could be improved.

I have been using CylancePROTECT for two years.

I rate the solution’s stability a seven out of ten.

Our clients for CylancePROTECT are usually small and enterprise businesses.

I rate the solution an eight out of ten for scalability.

The solution’s technical support is good.

Positive

The solution’s initial setup was easy.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a seven out of ten.

Our clients have seen a good return on investment with CylancePROTECT.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten.

Overall, I rate the solution a seven out of ten.

We use the solution for endpoint protection.

It is a good endpoint solution. It is very easy to manage and detect a threat immediately. It will take the necessary actions.

The solution should implement AI in the product. The main purpose of CylancePROTECT is to prevent infections on our endpoints and increase security. The more intelligence the product gains, the better it is for us. Currently, it is already intelligent. It will require updates to continue improving and detecting the latest threats. Threat intelligence must always be preferred in AI machines; it will always radiate with new threats and learning.

I have been using CylancePROTECT for four years. We are using the latest version of the solution.

I rate the solution’s stability an eight out of ten.

Three to four people are using this solution. I rate the solution’s scalability a nine to ten out of ten.

The initial setup is straightforward and takes one to two days to complete.  It requires configuration and implementation from the backend.

I rate the initial setup a nine out of ten, where one is difficult and ten is easy.

We saved our employees and endpoints.

The product has a yearly subscription.

I rate the product’s pricing a five out of ten, where one is cheap, and ten is expensive.

We have evaluated Trend Micro. We switched to CylancePROTECT because it is cloud-based and very easy to manage. It's an advanced feature like AI implementation and integration.

Maintenance is automated. It automatically updates itself, so manual patching operations are unnecessary. Updates occur automatically in the background on client system endpoints regardless of the subject matter.

CylancePROTECT handles zero-day threats and unknown malware in your environment. They have implemented something called AI detection. It will detect all the things. If it is a host, it will alert; if it is anything in PeerSpot, it will also alert.

Overall, I rate the solution a nine out of ten.

I work in cybersecurity and with sensitive materials, so the solution is a proactive antivirus system.

CylancePROTECT is a proactive antivirus system, and I can't rely on a reactive system.

It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect.

In essence, it will just terminate malware, even disguised malware. It will also occasionally terminate legitimate software that's trying to update, but at the same time, you can check in the dashboard. It has a very accessible and easy-to-read, and understandable record that tracks everything it does. It actively monitors what's going on.

So if you download the wrong software package, or you click the wrong link and run something, even if your computer does not detect something wrong, Cylance will notice that there is something off about it and will terminate it for you.

From my experience interacting with the primary or the central administrative console, it's quite complex. You would need a fair bit of technical experience to set it up, implement and maintain it. That would be one area for improvement.

It could be possible to make the UI for the admin dashboard more user-friendly or provide more explainer tooltips or more warnings before you change settings. The solution can do whatever you need, but you could annihilate your machine by changing the wrong setting, and you would have to start again.

Another quibble is that the endpoint visibility is a bit spartan. Because if a new policy is released from the admin console, you have to tell Cylance to check for a policy update, but when you do that, it does not tell you it has actually done that policy check, and there is no way of really knowing if it has actually updated. It would be nice to have a notification telling you whether or not the actions you have taken have actually been taken.

I have been working with CylancePROTECT for about a year.

I would rate the stability of the solution an eight out of ten. Since I started using the solution, I have only ever had one instance where it has had a problem.

We worked that out and updated it, and it was fine.

Once CylancePROTECT is set up, it is self-contained and is good to go.

I would rate the scalability for CylancePROTECT a ten out of ten since governments use the solution. The sky is the limit.

My organization has around 30 users.

My impression of customer support is that they take on advice and information. They provide a solution if you inform them of a weakness or an issue.

The initial setup is complex. The solution is military-grade, so I wouldn't expect anything less.

Setting it up at an enterprise level is relatively complex. But once set up at the administrative level, it is comparatively easy for the end user to set up.

Enrolling my phone with CylancePROTECT is a relatively easy process.

The solution is expensive.

I would rate CylancePROTECT an overall ten out of ten. With the evolution of malware, the dependence on a hash record renders a lot of antimalware inadequate, and a proactive antivirus system is necessary.

The solution is expensive but reasonable because it is a high-grade enterprise-level piece of software and is competitive for what it does.

I have not encountered any solution that is as good, effective, reliable, or powerful as this product.

We are currently using CylancePROTECT and CyclanceOPTICS.

Our primary use case is an anti-virus solution.

It is deployed globally throughout the organization.

Cylance is quite lightweight and does not require constant updates.

The Application Guard and ByteGuard are useful features.

The OPTICS component could be made more user-friendly with respect to giving people more information.

There are some issues that we have around our configuration, so I think that more training with respect to setup and configuration would be helpful.

I have been using Cylance for the past year and it has been in the organization for a couple of years.

This solution is very stable.

Cylance scales very well both on clients and servers. We have between 4,000 and 5,000 users.

I have not personally been in touch with technical support, but I know that when we have contacted them about anything in the past, they've been very responsive. Our account management team is very good, as well.

The company did use another solution prior to Cylance, but I don't know what it was.

The initial setup is very straightforward and the deployment took a few days.

We got a hold of the installation files and deployed them ourselves.

I think that the price we are paying is good for what it is. It could always be cheaper, but cheaper doesn't make it better.

Cylance is a product that I recommend trying. It is different from the traditional products that are out there like Symantec, McAfee, and Sophos.

This technology is very good, very stable, and we have great trust in it and what it delivers. They also do health checks from time to time and they help, which is useful.

This solution works well but there is always room for improvement. Nothing is perfect.

I would rate this solution an eight out of ten.

We use CylancePROTECT for endpoint Protection and EDR.

CylancePROTECT works on AI technology, is always up to date, and uses very few resources on your devices.

The solution’s technical support could be improved.

I have been using CylancePROTECT for three years.

I rate CylancePROTECT an eight out of ten for stability.

Around 50 users are using CylancePROTECT in our organization.

I rate CylancePROTECT a seven out of ten for scalability.

We previously used CrowdStrike. We switched to CylancePROTECT because CrowdStrike was expensive.

The solution’s initial setup is straightforward.

To deploy CylancePROTECT, you install the agent, register it, and then apply the policy.

CylancePROTECT is an affordable solution. On average, it costs around $ 60 per device per annum.

CylancePROTECT is a cloud endpoint solution with AI technology. CylancePROTECT is deployed on the cloud in our organization.

I would recommend CylancePROTECT to other users.

Overall, I rate CylancePROTECT an eight out of ten.

My company uses CylancePROTECT as an antivirus solution, installed on each PC.

What I like best about CylancePROTECT is its accuracy, as it doesn't give many false positives.

An area for improvement in CylancePROTECT is its pricing, as it's a bit costly.

I've been using CylancePROTECT for three years.

So far, CylancePROTECT is stable. I've never had any problems with it in terms of stability.

CylancePROTECT was deployed for my company with two hundred users, but I'm unsure if it can be deployed for more than that number and if it would still be scalable.

I only had to contact the technical support for CylancePROTECT once, and I don't have any complaints support-wise, so I'd give the support team a ten.

Positive

My company used Symantec before using CylancePROTECT, and it switched to CylancePROTECT because the update for Symantec was troublesome, plus it had some false positives. Symantec also couldn't detect some viruses, so the company decided to switch to a next-gen antivirus, such as CylancePROTECT.

The setup for CylancePROTECT was easy. You just had to do some clicking.

It took less than a month to deploy the solution, mainly three weeks, including installing tools on the endpoints.

An in-house team deployed CylancePROTECT for my company. I work for an IT company, so my company can do the deployment without help from an integrator or third party.

We've never calculated CylancePROTECT ROI.

My company is on a yearly CylancePROTECT subscription. Price-wise, the solution is slightly expensive, so I'd rate it as eight out of ten.

My company currently has two hundred CylancePROTECT users. That number could increase, but not significantly.

Two to three people took care of the deployment of CylancePROTECT.

I'd recommend CylancePROTECT to others looking into using it.

My rating for CylancePROTECT is eight out of ten.

We put the product on all of our desktops and servers.

The solution has broken down the organization by taking down the network about six times in two years.

The most functional item that we use is the process to turn off the false flags that it causes.

They could improve on the false positives, reporting and whitelisting features.

For future releases, it would be helpful to have an easy uninstall button. The reason being, unless you connect the system to the internet, which you may not want to do, Cylance cannot be uninstalled easily. They claim it's practically impossible. If you have access to the online admin panel, it's very easy to uninstall Cylance. There is no easy way to uninstall locally. I have read online there is a convoluted way with a series of reboots and safety reboots that you could possibly do it locally.

I have been using it for about two years.

It is not stable. The solution has caused six crashes over two years, with one of them requiring us to rebuild all of our Windows 10 devices.

Scalability is pretty good. We have around 100 users using the solution. However, when we rebuild new desktops, we're not installing it on them.

We have used Symantec before and a MSSP came in with a package to help us get more secure, but it really was a failure.

The biggest issue we have with the product is it gives false positives.

Beware and work out a process to restore items that were deleted by false flags.

Work out a process to investigate any odd behaviour or troubleshooting tickets with open source software being even a small sub-component.

For the majority of installs, the Cylance is going to break because of the small sub-component that's open-source that is out of date. Always no matter what problem is happening, double-check to see if there were any flags in Cylance because it's probably going to be Cylance blocking something along the line. It will drive you nuts to work with your third-party technical support to track down an issue to then find out it was Cylance blocking one small facet of it.

Work out all those details with your Cylance team first, this way, whenever you have an issue, you can identify that Cylance is involved because it's involved in everything.

An example of an issue we were having was while we were trying to install a check scanner the install did not work. Cylance was blocking an old open source piece of software that comes from Kodak that you can't update because Kodak says it is the latest version of our installer for the check scanner. The installer for the check scanner includes the open-source piece of software from Kodak that's out of date. This causes the entire check scanner not to work, Cylance blocks the main installation because of the sub-installation of the open-source software.

Make sure your ducks are in a row so that you can detect when Cylance is causing an issue, report it and get it whitelisted. If you do not, you're going to spend an inordinate amount of time figuring out whether or not Cylance did something to block you, whitelisting and then more time justifying why you need it whitelisted.

I'm sure we were much more protected with it on, but the problem is if you're protecting me from my network being taken down, by taking my network down, you are not protecting it. For this reason, I rate CylancePROTECT a five out of ten.