Overview
CylanceGUARD
is a subscription-based, 24x7-managed extended detection and response (XDR) service that provides actionable intelligence for customers to prevent threats quickly, while minimizing alert fatigue without requiring additional resources. This service is fully integrated with CylancePROTECT
, CylanceOPTICS
, CylancePERSONA
, CylanceGATEWAY
, and third-party vendors to provide holistic and unified telemetry across all endpoints and enable highly skilled BlackBerry
analysts to threat-hunt through customer environments to find and contain threats, prevent major breaches, and allow organizations to mature their security posture. BlackBerry
has the strategy, expertise, and technology to protect an organization by analyzing, preventing, and containing threats as well as large-scale breaches.CylanceGUARD
requires CylancePROTECT
and CylanceOPTICS
, which are a part of the BlackBerry Spark Suite
and Cyber Suite
. The suites also include CylancePERSONA
and CylanceGATEWAY
, which are applicable to CylanceGUARD
Advanced subscriptions. For more information, see the Product requirements.What's included in the subscription
The following table highlights the features that are included in
CylanceGUARD
Advanced and CylanceGUARD
Essentials subscriptions.The
CylanceGUARD
Advanced subscription includes closed-loop communications and access to a CylanceGUARD
analyst to help navigate incidents and provide regular updates and ongoing review of the overall threat prevention status. Optionally, Advanced customers are also eligible to secure services for third-party applications, such as for integrating and managing telemetry data from SIEM.Feature | CylanceGUARD Advanced | CylanceGUARD Essentials |
---|---|---|
Customized product configuration, optimization, and assurance (including BlackBerry product onboarding) | √ | √ |
Email, portal, and mobile alert escalation management | √ | √ |
24x7x365 monitoring | √ | √ |
Automated and proactive threat hunting (Alert, intelligence, and methodology hunting) | √ | √ |
Defined service levels | √ | √ |
Outreach for critical alerts | √ | √ |
Access to CylanceGUARD analysts for incident response, guidance, and strategy | √ | |
Monthly reports on activity and threat landscape | √ | |
Quarterly reports and ongoing prevention review with BlackBerry experts | √ | |
Support for third-party solution integration | √ 1 |
1
You must obtain a third-party solution (for example, for SIEM integration). For more information, see Supported third-party integrations.Feature descriptions
- Customized product configuration, optimization, and assurance: Leverage the expertise ofCylance Endpoint SecurityThreatZero experts for a personalized, white-glove service to optimize theCylanceGUARDsolution.
- Email alerts and escalation management: Receive email notifications.
- 24x7x365 monitoring:CylanceGUARDanalysts are monitoring all day and night on all 365 days of the year to follow up on triggering events.
- Automated and proactive threat hunting (Alert, intelligence, and methodology hunting): This includes ongoing collection of artifacts and information to facilitate hunting of potential security threats. Threat hunting occurs using various different methods, including alert-based, intelligence, and methodology hunting, leveraging proven methods that identify potential attacks, data exfiltration, unauthorized access, or other potential vectors of compromise in the environment.
- Defined service levels: Service levels for security event investigation, median incident resolution time, andCylanceGUARDmonthly reports are defined.
- Outreach for critical alerts: When there is a critical alert,CylanceGUARDanalysts reach out to make sure the customer is aware of the situation.
- Access to: When a threat has been identified, consultCylanceGUARDanalysts for incident response guidance and strategyCylanceGUARDanalysts to guide you through your incident response plan. For example, you can engage theBlackBerrySecurity Services Incident Response team, who will work together with an analyst to guide you to a resolution as quickly as possible.
- Monthly reports on activity and threat landscape: Receive monthly reports on activity and the threat landscape.
- Quarterly reports and ongoing prevention reviews:BlackBerryexperts provide insight and knowledge to help obtain and maintain a state of prevention.
- Support for third-party solution integration: IntegrateCylanceGUARDwith third-party solutions for managed XDR services in a single unified console to improve visibility and control of security incidents.