- Using dashboards
- Managing aggregated alerts
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- Managing CylanceAVERT users
- Manage user groups
- Configure device lifecycle management
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Manage CylancePROTECT Desktop threat alerts
- Manage CylancePROTECT Desktop script control alerts
- Manage CylancePROTECT Desktop memory protection alerts
- Manage CylancePROTECT Desktop external device alerts
- Threat protection
- Evaluate the risk level of a file
- Using CylancePROTECT Desktop reports
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, or domain to a CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- CylanceOPTICS sensors
- Data structures that CylanceOPTICS uses to identify threats
- View devices that are enabled for CylanceOPTICS
- Using InstaQuery and advanced query to analyze artifact data
- View focus data
- View and download files that CylanceOPTICS has retrieved
- Using CylanceOPTICS to detect and respond to events
- Create a detection rule set
- View and manage detections
- Creating custom detection rules
- Create a detection exception
- Deploy a package to collect data from devices
- Create a package playbook to respond to events
- Lock a device
- Sending actions to a device
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
- BlackBerry Docs
- Cylance Endpoint Security
- Cylance Endpoint Security Administration Guide
- Enable access to the Cylance User API
Enable access to the Cylance User API
Cylance Endpoint Securitysupports integration with third-party programs using the
CylanceUser API, a set of RESTful APIs. This allows your organization to programmatically manage
Cylance Endpoint Securitysettings and configurations. Administrators can customize integration settings to control which API privileges a user has. For security, an API user needs an application ID and an application secret that you generate when you add a custom application in the management console. A tenant can have up to 10 custom integrations.
For more information, see the Cylance User API guide.
In July 2022, a security enhancement was introduced for existing
Cylance Endpoint Securitytenants. Users with the Administrator role can enable a new feature that permanently removes application secrets from the management console after they are generated, ensuring that they cannot be viewed by any users with access to the
Cylanceconsole. If you enable this feature in Settings > Integrations, when an administrator generates or regenerates an application secret, it will display only until the administrator dismisses the dialogue or navigates away from the screen. The app secret will not display in the list. To remove your existing application secrets and enable this behavior, you can expand
Improved Security Availableand click
Remove Secret. After you enable the feature, any application secrets that were generated previously will no longer be available to view. You should record existing application secrets before you enable this feature. You cannot revert to the previous behavior that exposes application secrets in the console. You can generate new application IDs and secrets as necessary.
Cylance Endpoint Securitytenants created after July 2022, this feature is enabled by default.
- In the management console, clickSettings > Integrations.
- ClickAdd Application.
- Enter a name for the application.
- Select the API privileges to allow access to.
- ClickSave.The application ID and application secret display.