Skip Navigation

Overview

BlackBerry Guard
is a subscription-based, 24x7-managed extended detection and response (XDR) service that provides actionable intelligence for customers to prevent threats quickly, while minimizing alert fatigue without requiring additional resources. This service is fully integrated with
BlackBerry Protect
,
BlackBerry Optics
,
BlackBerry Persona
,
BlackBerry Gateway
, and third-party vendors to provide holistic and unified telemetry across all endpoints and enable highly skilled
BlackBerry
analysts to threat-hunt through customer environments to find and contain threats, prevent major breaches, and allow organizations to mature their security posture.
BlackBerry
has the strategy, expertise, and technology to protect an organization by analyzing, preventing, and containing threats as well as large-scale breaches.
BlackBerry Guard
requires
BlackBerry Protect
and
BlackBerry Optics
, which are a part of the
BlackBerry Spark Suite
and
Cyber Suite
. The suites also include
BlackBerry Persona
and
BlackBerry Gateway
, which are applicable to
BlackBerry Guard
Advanced subscriptions. For more information, see the Product requirements.

What's included in the subscription

The following table highlights the features that are included in
BlackBerry Guard
Advanced and
BlackBerry Guard
Essentials subscriptions.
The
BlackBerry Guard
Advanced subscription includes closed-loop communications and access to a
Guard
analyst to help navigate incidents and provide regular updates and ongoing review of the overall threat prevention status. Optionally, Advanced customers are also eligible to secure services for third-party applications, such as for integrating and managing telemetry data from SIEM.
Feature
BlackBerry Guard
Advanced
BlackBerry Guard
Essentials
Customized product configuration, optimization, and assurance (including
BlackBerry
product onboarding)
Email, portal, and mobile alert escalation management
24x7x365 monitoring
Automated and proactive threat hunting (Alert, intelligence, and methodology hunting)
Defined service levels
Outreach for critical alerts
Access to
BlackBerry Guard
analysts for incident response, guidance, and strategy
Monthly reports on activity and threat landscape
Quarterly reports and ongoing prevention review with
BlackBerry
experts
Support for third-party solution integration
1
1
You must obtain a third-party solution (for example, for SIEM integration). For more information, see Supported third-party integrations.

Feature descriptions

  • Customized product configuration, optimization, and assurance
    : Leverage the expertise of
    BlackBerry UES
    ThreatZero experts for a personalized, white-glove service to optimize the
    BlackBerry Guard
    solution.
  • Email alerts and escalation management
    : Receive email notifications.
  • 24x7x365 monitoring
    :
    BlackBerry Guard
    analysts are monitoring all day and night on all 365 days of the year to follow up on triggering events.
  • Automated and proactive threat hunting (Alert, intelligence, and methodology hunting)
    : This includes ongoing collection of artifacts and information to facilitate hunting of potential security threats. Threat hunting occurs using various different methods, including alert-based, intelligence, and methodology hunting, leveraging proven methods that identify potential attacks, data exfiltration, unauthorized access, or other potential vectors of compromise in the environment.
  • Defined service levels
    : Service levels for security event investigation, median incident resolution time, and
    BlackBerry Guard
    monthly reports are defined.
  • Outreach for critical alerts
    : When there is a critical alert,
    BlackBerry Guard
    analysts reach out to make sure the customer is aware of the situation.
  • Access to
    BlackBerry Guard
    analysts for incident response guidance and strategy
    : When a threat has been identified, consult
    BlackBerry Guard
    analysts to guide you through your incident response plan. For example, you can engage the
    BlackBerry
    Security Services Incident Response team, who will work together with an analyst to guide you to a resolution as quickly as possible. 
  • Monthly reports on activity and threat landscape
    : Receive monthly reports on activity and the threat landscape.
  • Quarterly reports and ongoing prevention reviews
    :
    BlackBerry
    experts provide insight and knowledge to help obtain and maintain a state of prevention.
  • Support for third-party solution integration
    : Integrate
    BlackBerry Guard
    with third-party solutions for managed XDR services in a single unified console to improve visibility and control of security incidents.