- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- View CylanceAVERT user details
- Manage user groups
- Configure device lifecycle management
- View a list of applications installed on CylancePROTECT Desktop devices
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, domain, or installer source to the CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Using the Report a problem feature
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
Cylance score
Cylance
scoreThe
Cylance
score represents the confidence level that the file poses a real danger to your environment. The higher the score, the greater the confidence level that the file can be used for malicious purposes. Based on the score, threats are considered either unsafe or abnormal.Files that are identified as a potential threat will have their score displayed in red (unsafe or abnormal). Files that are identified as safe will have their score displayed in green. Under normal circumstances you will not see safe (green) files displayed in the console. Safe files that are shown in the console are typically displayed when the file has been added to your global quarantine list and quarantined on a device.
Files that would be considered unsafe/abnormal (red score) are treated as safe if you add the files to your global safe list and will not be displayed in the console.
Occasionally, a file may be classified as either unsafe or abnormal even if the score displayed doesn’t match the range for the score. This may be due to update findings or additional file analysis that may have been performed after the initial detection. For the most up-to-date threat analysis, enable auto upload in the policy.
The
Cylance
score is independent of threat classification. Most threat classifications are a manual process that is undertaken by a human threat researcher and assigned on a file-by-file basis. It is possible for a file to have a Cylance
score but not have a classification until a later date.