Skip Navigation

Using
CylanceOPTICS
to detect and respond to events

CylanceOPTICS
uses the Context Analysis Engine (CAE) to analyze and correlate events as they occur on devices in near real-time. The CAE logic is stored locally on the device, which allows the
CylanceOPTICS
agent to monitor and track malicious or suspicious activity even if the device is not connected to the
CylanceOPTICS
cloud services. You can configure
CylanceOPTICS
to take automated response actions when the CAE identifies certain artifacts of interest, providing an additional layer of threat detection and prevention to complement the capabilities of
CylancePROTECT Desktop
.
You can customize the detection capabilities of
CylanceOPTICS
to suit the needs of your organization. You can create detection rule sets with your desired configuration of detection rules and responses, you can clone and modify existing detection rules or create your own custom rules, and you can create detection exceptions to exclude specific artifacts from detection.