- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- View CylanceAVERT user details
- Manage user groups
- Configure device lifecycle management
- View a list of applications installed on CylancePROTECT Desktop devices
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, domain, or installer source to the CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Using the Report a problem feature
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
- BlackBerry Docs
- Cylance Endpoint Security
- Administration
- Cylance Endpoint Security Administration Guide
- Managing threats detected by CylancePROTECT Desktop
- Evaluate the risk level of a file
Evaluate the risk level of a file
You can use the management console to evaluate the risk level of a file, as analyzed and determined by the CylancePROTECT cloud services. This feature gives you insight into how the
CylancePROTECT Desktop
agent would classify a file that it identifies on a device. Currently, Windows
, macOS
, and Linux
executables are supported.You must have the Administrator role to access this feature in the console.
- In the management console, on the menu bar, clickProtection > Threat Analysis.
- Do one of the following:ActionStepsLook up a file by hash.In theHashesfield, type or paste SHA256 hashes, separating each hash on a new line. You can add up to 32 hashes.Upload a file.The maximum size of a file that you can upload is 10 MB.
- On theUpload Filetab, clickBrowse Files.
- Navigate to and select the file that you want to analyze. ClickOpen.
- ClickAnalyze.
- Review the file status to determine whether a threat was found or if the file is considered safe.If you receive aFile Requiredstatus after you lookup a file by the SHA256 hash, upload the file on theUpload Filetab.
If necessary, add a file to the global quarantine list or to the global safe list. For instructions, see Add a file to the CylancePROTECT Desktop global quarantine or global safe list.