- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- View CylanceAVERT user details
- Manage user groups
- Configure device lifecycle management
- View a list of applications installed on CylancePROTECT Desktop devices
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, domain, or installer source to the CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Using the Report a problem feature
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
- BlackBerry Docs
- Cylance Endpoint Security
- Administration
- Cylance Endpoint Security Administration Guide
- Using CylanceOPTICS to detect and respond to events
Using CylanceOPTICS to detect and respond to events
CylanceOPTICS
to detect and respond to eventsCylanceOPTICS
uses the Context Analysis Engine (CAE) to analyze and correlate events as they occur on devices in near real-time. The CAE logic is stored locally on the device, which allows the CylanceOPTICS
agent to monitor and track malicious or suspicious activity even if the device is not connected to the CylanceOPTICS
cloud services. You can configure CylanceOPTICS
to take automated response actions when the CAE identifies certain artifacts of interest, providing an additional layer of threat detection and prevention to complement the capabilities of CylancePROTECT Desktop
.You can customize the detection capabilities of
CylanceOPTICS
to suit the needs of your organization. You can create detection rule sets with your desired configuration of detection rules and responses, you can clone and modify existing detection rules or create your own custom rules, and you can create detection exceptions to exclude specific artifacts from detection.