BlackBerry Cylance Cybersecurity Reviews

My company uses CylancePROTECT as an antivirus solution, installed on each PC.

What I like best about CylancePROTECT is its accuracy, as it doesn't give many false positives.

An area for improvement in CylancePROTECT is its pricing, as it's a bit costly.

I've been using CylancePROTECT for three years.

So far, CylancePROTECT is stable. I've never had any problems with it in terms of stability.

CylancePROTECT was deployed for my company with two hundred users, but I'm unsure if it can be deployed for more than that number and if it would still be scalable.

I only had to contact the technical support for CylancePROTECT once, and I don't have any complaints support-wise, so I'd give the support team a ten.

Positive

My company used Symantec before using CylancePROTECT, and it switched to CylancePROTECT because the update for Symantec was troublesome, plus it had some false positives. Symantec also couldn't detect some viruses, so the company decided to switch to a next-gen antivirus, such as CylancePROTECT.

The setup for CylancePROTECT was easy. You just had to do some clicking.

It took less than a month to deploy the solution, mainly three weeks, including installing tools on the endpoints.

An in-house team deployed CylancePROTECT for my company. I work for an IT company, so my company can do the deployment without help from an integrator or third party.

We've never calculated CylancePROTECT ROI.

My company is on a yearly CylancePROTECT subscription. Price-wise, the solution is slightly expensive, so I'd rate it as eight out of ten.

My company currently has two hundred CylancePROTECT users. That number could increase, but not significantly.

Two to three people took care of the deployment of CylancePROTECT.

I'd recommend CylancePROTECT to others looking into using it.

My rating for CylancePROTECT is eight out of ten.

We use this solution for endpoint protection for our external devices and laptops.

The deployment of updates is easy.

Not having OPTICS doesn't allow us to do any history. We don't have OPTICS, but FortiEDR comes with things like OPTICS, which is nice because we are not able to see more. 

OPTICS gives you things that FortiEDR has built in. For Cylance, there is an add-on to do the things that come with that solution.

It would be nice if Cylance didn't separate PROTECT and OPTICS and put them together and made them on the same price point as FortiEDR, and some other ones rather than having to pay extra for something that the others already have built-in, and seen to do better.

It often lets you waive something for the firm or for the whole company and then comes back and blocks the same thing because you have to do the certificate instead of the hash. You are finding yourself having to approve for the same program, the same application, the same file more than once and it's frustrating.

While the deployment of updates is easy, it would be good to have some more information about which version to use, because the versions that are available seem to be outdated. 

When you go to the admin section, you will see that you will have the latest update from months ago and a month before that, and a month before that. 

I have a hard time believing that there are no more updates in between when there are things that are out all the time. It just doesn't make you feel like you're getting covered or have the best protection, which you should have. 

I have been using this solution for two years.

We are using one of the newer versions. I don't always install the updates.

The stability varies. It's not consistent and it's frustrating.

Things that are blocked, you waive and it comes back. It's very frustrating. It doesn't keep up with the machines. 

You have a lot of machines and if you reimage a lot you will see many duplicates that you have to export and remove from figuring out which one's the MAC address. It should have an easy way to know that a machine is re-imaged, and not adding to your list of devices.

You end up having all these devices that are no longer being scanned that you have to figure out what they are. It is frustrating.

We have approximately 200 users in our organization. It's for everyone in our accounting firm, who are accountants, auditors, IT, and HR accounting.

We don't have plans to continue using this solution, we are considering other options.

We don't go through technical support directly. We go through a reseller and they take care of it. We have never directly talked to BlackBerry or Cylance about any issues that we have had.

Previously, we had McAfee ePO. We changed to CylaneProtect, a solution that we felt would be a better fit, and that was not managed in-house, on a local server that we used for that. It was time to move on from that.

The initial setup was fine. It's doesn't take a long time to deploy.

Uninstalling is difficult. Sometimes it doesn't remove easily, and that is frustrating. 

It would be nice if it had an uninstalled feature within the dashboard, in the SAS part of the application online, because it would do everything itself. Unless it is something that I have missed or that I didn't see. 

With FortiEDR you can go in, and you can uninstall from the dash, find the endpoint you right-click, or you click a button, then you choose to uninstall and it pulls it from the machine. You don't have to put in any keys, or anything. It does it from there. I don't believe that Cylance does that, but it would be nice if it did.

We have a team of two, myself and my colleague maintain this solution.

The deployment and implementation were completed in-house.

I would advise that they keep in mind what it doesn't do and be open to looking at things that include more and cost less.

I would rate CylanceProtect a four out of ten.

Does malware analysis. Blocks WannaCry and other attacks that have come out.

It lifted the burden on the helpdesk from having to keep computers updated with definitions and thus reduced the labor hours spent monitoring AV on endpoints.

It needs real analysis of quarantined files. The EDR product isn't showing much right now.

We have been using this solution for one year.

Some DLLs and in-house apps were quarantined. Alerting mode is the way to deploy this software for at least three weeks.

I did not encounter any issues with stability.

I did not encounter any issues with scalability.

I would rate customer service as excellent.

I would rate technical support as excellent.

The previous solution had too many things to monitor and required dedication to fix corrupt definitions. These required manual transfers and sometimes helpdesk time on the endpoint to fix the incumbent product.

We implemented it in-house with the help of the sales engineer.

The ROI is immense, particularly in less dedicated labor hours. The ROI was much more in terms of security, particularly when new security flaws have recently appeared. By virtue of having this software product, the C-level suite feels more secure, because IT does not have to start taking downtime to patch servers in a hurry.

Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice.

We evaluated Palo Alto Traps and Carbon Black.

Review the performance of Cylance over the next year and ask for a 60 day trial, not just a 30 day trial. Monitoring the growth of this company is very important to determine if the product remains at the level that is in today.

We utilize the solution to safeguard approximately 500 users against malware threats. It notifies us via email about any suspicious files or activities.

Compared to our previous antivirus solution, Kaspersky, CylancePROTECT has significantly simplified our management tasks. 

The platform's most valuable features are the malware detection capabilities. 

Enhancing the product's detection rates and streamlining the user interface for easier management in daily operations would be beneficial improvements.

I've been using CylancePROTECT for about two years.

I would rate the stability about a seven. While generally stable, there is room for improvement.

I would rate the product scalability around a three. It can be slow when making system-wide changes that affect all 500 computers.

The technical support services need improvement in terms of their knowledge and responsiveness.

Neutral

Deployment took approximately a month due to the complexity of managing multiple remote offices. We initially attempted deployment via group policies but encountered challenges. Eventually, we opted for an external application like PDQ Deploy to facilitate the process. I would rate the initial setup process around a six. While manageable, it required some assistance from the provider.

Overall, I am quite satisfied with CylancePROTECT. Its effectiveness in malware detection is a significant advantage.

I would rate it around an eight or nine.

The best use case is that it actually lifts off a lot of burden on customers, especially when they are deploying Cylance compared to other solutions. 

One of the best features of the solution is that it's easy to deploy. Second is the management part and the protection. It's way ahead of the other solutions compared to the signature-based one.

The base platform, the CylancePROTECT is a very good technology. If you upgraded that into a CylanceOPTICS, that will also help, however, CylancePROTECT itself can do a lot of protection.

There's a feature that they added called PERSONA. This is AI-based user behavior monitoring which is very useful.

It's straightforward to deploy.

If they can add more features on top of their Persona feature that would be ideal. It could also improve the UEBA feature of Cylance.

I've been working with the solution for around five years. I started using it around 2016.

As a cloud-based management platform, it's very stable. The version of the agent is very minimal in terms of updates. In terms of support, they have very broad support on several operating systems. The stability is quite high for this kind of solution.

It's a cloud-based management platform. It's very scalable. It's easy to ramp up the number of devices that you want to be managed by this kind of solution. It's highly scalable.

Our clients have actually upgraded and ramped up the number of licenses from the first time I deployed and introduced them to the solution. Most of our customers have expanded usage via the number of licenses they have.

I've used technical support in the past. The technical support, the SLA, if they can improve that aspect of the product it'll be much appreciated.

Neutral

I've also worked with CylancePERSONA over the past year or so. 

The initial setup is very straightforward. It's not overly complex. 

The management and maintenance is also very easy. 

What I've heard from my customers is that Cylance, in terms of pricing, is a bit higher compared to other prominent solutions like Kaspersky and Symantec, however, that's about it in terms of what I know about the product pricing.

I'm working in a distributor company and we are actually selling CylancePROTECT.

The primary platform is a cloud-based solution. It is managed in the cloud. The one on-premise is called the hybrid platform where you can also do management locally on your site.

The best way to see the solution is to try it out. Try it first before worrying about pricing and see if it will meet your needs and how it works for your business.

I'd rate the solution eight out of ten. They simply need to improve the SLA, the response, and the Persona feature. If they do, I would rate it higher. 

We are part of a startup company that is operating in the same domain as this solution, so we tested it as part of the competition.

On the management side, we liked the way it displays things.

The downside is that the information displayed is not enriched enough. There was not much information available, that we could see. It should provide more details about the events that they have detected. There should be more information available post-incident. Basically, the user is informed that they have caught a threat, stopped it, and that's it.

Users want to know what the threat was, the type of attack, how it got in, which IP address, did it go into lateral movement, etc. The kind of information that could be analyzed by IT experts to take forward and understand whether the attack is continuing, or not. They have some of this information but compared to other products, it's basic.

We did not thoroughly test its stability, but I can say that we didn't have any crashes or basic problems with it. In our tests, it did not crash, although we were focused on detecting threats as opposed to assessing stability.

We installed this solution for five users.

We did not contact technical support.

The initial setup and installation of this solution are quite straightforward. Just download from the management console and install it. It's easy.

We performed the installation ourselves.

We have evaluated many products. In fact, we tested most of them for our purposes of developing our own. Because we did a competitive analysis, we are keeping most of the information private. However, I can say that SentinelOne, CrowdStrike, and Carbon Black give you a lot more information than Cylance.

The majority of the leading solutions are quite good, and it's a tough market. For normal people, it is difficult to see the differences between them.

The lack of details for the user is partly because of the way they detect. it is done passively, rather than dynamically, so they don't have a lot of information about the things that they already caught.

The suitability of this solution for any particular person will depend on their expectations. I would not rate this solution in the top five for things like presenting information, or ease of use. For standard protection they are ok, but if you have advanced demands, or a SOC, then I don't think that Cylance can compete with Carbon Black, CrowdStrike, or SentinelOne.

I would rate this solution an eight out of ten.

I use CylancePROTECT for intrusion detection, so it's more of an antivirus. I also use its optics feature for live monitoring of every computer.

What's most valuable in CylancePROTECT is the optics feature. I also like its easy-to-use and user-friendly dashboard and monitoring system.

The AI of CylancePROTECT has room for improvement. I'm on a trial license of SentinelOne, and its AI is much better than what's on CylancePROTECT.

I want CylancePROTECT to have an automatic overruling feature in the future for specific situations. In my previous example, a colleague couldn't install Oracle VM VirtualBox because I didn't specify files and programs that CylancePROTECT should block. Sometimes, I want the solution to be less strict so that when a file or application comes from a well-known developer, CylancePROTECT should let it pass, regardless of what file it contains.

I've been using CylancePROTECT for five years.

CylancePROTECT is a very stable product, but in terms of updates and features, it's a letdown.

Scalability-wise, CylancePROTECT has room for improvement. SentinelOne is more scalable, though that could also be because it's bigger. For small businesses, CylancePROTECT is scalable.

Regarding scalability, I'm rating CylancePROTECT as five out of ten.

My colleagues said that support-wise, CylancePROTECT is slow to respond, and it's challenging to communicate with support or get a person on the phone. You can only contact support via email or chat when sometimes, you prefer calling support or speaking to someone via phone.

Email support is fine, but the level of support needs to be more in-depth, so I'm giving the CylancePROTECT support team a six.

Neutral

My company went with CylancePROTECT because my company has smaller companies or customers than enterprise customers. It's easier to deploy CylancePROTECT for smaller businesses, and it works better than SentinelOne, which is more for multinationals or enterprise businesses.

The setup process for CylancePROTECT was pretty straightforward. Setup-wise, it's an eight out of ten.

How long deployment takes depends on the client. For a bigger client, it might take around two weeks for every device to be deployed, but for a small business with a few employees, deploying CylancePROTECT might take a few days.

CylancePROTECT is worth the money, but I'm not sure of its exact price. I can't remember off the top of my head.

We evaluated SentinelOne.

At the moment, my company uses CylancePROTECT, but it's considering using SentinelOne in the future for enterprise clients.

Between five thousand to ten thousand people use CylancePROTECT. That's the total for my company and its customers. Specifically, sixty to seventy people in my company use the solution, with forty engineers and developers, myself included. In contrast, twenty to twenty-five people belong to sales, marketing, and management teams.

CylancePROTECT requires maintenance, but not much because my company has strict policies. For example, a colleague came to me a few days ago because he wanted to install Oracle VM VirtualBox but couldn't because CylancePROTECT wasn't allowing him to install it. In that case, I either have to acknowledge it or make some policy changes because CylancePROTECT is too strict.

To anyone looking into implementing CylancePROTECT, my first question would be, "Are you working in a small or big company?" My advice to you would be based on your answer. My next question would be how strict you want your antivirus to be because if you want it to be less rigid and with less maintenance, then I'd tell you to use CylancePROTECT. If you're looking for a stricter solution with more maintenance, go with SentinelOne.

My rating for CylancePROTECT is eight out of ten because its technical support could be better, plus it needs to update its software regularly. The solution also has several areas for improvement, but the team still needs to work on it. In general, as an antivirus with an optics feature, CylancePROTECT is very good but still has room for improvement.

My company is a CylancePROTECT partner.

We use CylancePROTECT for import protection, which is why we got it. 

We switched from one product to another, believing this would be a better fit based on what we were informed, but it just didn't work as it should.

We have been dissatisfied with CylanceProtect and CylanceOPTICS and want to leave within the next several months. It just hasn't been an effective tool.

It was not effective. There were a lot of false positives, even when we use Adobe, and everybody uses Adobe, which is not a threat.

We are in the process of moving on to another solution.

I have been working with CylancePROTECT for just over two years.

We are an enterprise company.

I have experience with Blackberry Cylance.

I have some experience with CylanceOPTICS which is part of CylanceGateway.

Its setup is simple if you have a Windows device; it is executable. 

You start the program, make a few clicks, and then enter an extension code into it. Then it begins to mute services before installing. It's fairly simple, maybe five or six minutes.

We never implemented a single solution. We completed what is known as the university installation, and it does the bundle installation. The single-bite variant was never used. We used the bundle to make it easier.

We went through a third party initially to do the renewal, but we won't be renewing, we will move on to something else.

We received both. We prepared a quotation for a year. It is based on a calendar year. We spent a year on both Protect and Optics.

I would rate the pricing a three out of five.

I would rate CylancePROTECT a three out of ten.