Get the PDF

What is CylancePROTECT Mobile?
- What is CylanceINFINITY?
- Architecture: CylancePROTECT Mobile
CylancePROTECT Mobile use cases
Steps to set up CylancePROTECT Mobile
- Software requirements: CylancePROTECT Mobile
- Enable CylancePROTECT Mobile in your UEM domain
Detecting malware when deploying Android apps from BlackBerry UEM
- Upload apps that you want to deploy using BlackBerry UEM
- Add an app or signing certificate to the approved app list
Detecting malware on Android devices
Detecting sideloaded apps on devices
Safe browsing with BlackBerry Dynamics apps
Scanning URLs in text messages
- Enable and configure text message scanning
- Configure compliance actions to take on Android devices when an unsafe text message is detected
Protecting devices from network threats
- Enable network protection
- Configure compliance actions to take when network threats are detected
Checking the integrity of BlackBerry Dynamics apps for iOS
Using security patch compliance and hardware certificate attestation for Android devices
CylancePROTECT Mobile anonymous data collection
- Enable or disable anonymous data collection

Enable app integrity checking

If applicable, Add Apple DeviceCheck keys for custom BlackBerry Dynamics apps.

In the activation profiles that are assigned to users, on the

iOS

tab, enable any of the following settings:

To perform an app integrity check when a

BlackBerry Dynamics

app is activated, select

Perform app integrity check on BlackBerry Dynamics app activation

To perform regular app integrity checks for

BlackBerry Dynamics

apps, select

Perform periodic app integrity checks

In the management console, click

Settings > General settings > Attestation

In the

iOS app integrity check frequency

section, select the

Enable iOS app integrity check on devices

check box.

In the

Challenge frequency

section, specify how often apps must return an attestation response.

In the

App grace period

section, specify a grace period.

If the grace period expires without a successful attestation response, a device is considered out of compliance and

UEM

will take the compliance action specified in the user's compliance profile.

In the

Apps to receive attestation challenges

table, click

To use a full integrity check with the DeviceCheck framework, verify that the

Use Apple DeviceCheck to validate device and app signature

check box is selected. For a partial integrity check, clear the check box.

If you want to add a custom app to the attestation list, in the

DeviceCheck key name

drop-down list, select the key for the app.

Search for and select the app that you want to receive attestation challenges. Click

Select

. You do not need to add a key for apps released by

BlackBerry

UEM

will automatically use the

BlackBerry

DeviceCheck key when you select an app released by

BlackBerry

Repeat steps 5 to 8 to add additional apps to the list.

Click

Save

Create a

CylancePROTECT

profile and assign it to user accounts and groups to enable the feature on users' devices. You can create a new

CylancePROTECT

profile (Policies and profiles > Protection > CylancePROTECT) or use a

CylancePROTECT

profile that you created previously. Note that currently there are no settings that you need to configure in the profile for integrity checking.

Configure compliance actions to take when a device fails an integrity check.

To manually start an app integrity check, navigate to a user's device details. Under

App integrity status

, click

Details

, then click Initiate attestation icon

Section:

Checking the integrity of BlackBerry Dynamics apps for iOS