- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- View CylanceAVERT user details
- Manage user groups
- Configure device lifecycle management
- View a list of applications installed on CylancePROTECT Desktop devices
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, domain, or installer source to the CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Using the Report a problem feature
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
Status changes for alerts
The status of individual alerts in other sections of the console (for example, Protection > Threats,
CylanceOPTICS
> Detections, and Protection > Protect Mobile alerts) correspond to an equivalent status in the Alerts view. When an alert status changes in another view, the status is also updated in the Alerts view. For example, if the status of an alert in Detections changes to False Positive, the status in the Alerts view changes to Closed.When you change the status of individual alerts in the Alerts view, an equivalent status change is displayed in the
CylanceOPTICS
> Detections view. Currently, status changes that you initiate in the Alerts view will not be displayed in the Protection > Threats view or in the Protection > Protect Mobile alerts view.
Note the following equivalent states for
CylancePROTECT Desktop
threat alerts:
- Alerts displayed in Protection > Threats with an Unsafe, Abnormal, or Quarantined status have a New status in the Alerts view.
- Alerts displayed in Protection > Threats with a Waived status have a Closed status in the Alerts view.
If you set a status for an alert group, the individual alerts in that group are assigned the status that you selected. If the individual alerts in an alert group have different statuses, either from manual status changes or as a result of status changes that come from another view (for example,
CylanceOPTICS
> Detections), the status of the alert group changes to Multiple. If all of the individual alerts in an alert group have the same status, the alert group will also have the same status. For example, if all of the individual alerts have a status of Closed, the status of the alert group is also Closed.