- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- Managing CylanceAVERT users
- Manage user groups
- Configure device lifecycle management
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, or domain to a CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
- BlackBerry Docs
- Cylance Endpoint Security
- Administration
- Cylance Endpoint Security Administration Guide
- Troubleshooting Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
A large number of DYLD Injection violations are reported by Linux devices
Possible cause
Certain third-party applications, such as
Splunk
, Dynatrace, AppDynamics, and DataDog, try to preload modules (LD_PRELOAD environment variable for a process), causing DYLD Injection violation events for any process monitored by the application.Possible solution
Do the following:
- If you are using a version of theCylancePROTECT Desktopagent earlier than 2.1.1574, upgrade to 2.1.1574 or later.BlackBerrystrongly recommends upgrading to the latest available version of the agent to benefit from the latest enhancements.
- Add memory protection exclusions for the .so components that a third-party application tries to inject. Inspect the LD_PRELOAD variable to determine the .so components that you need to add exclusions for (“man ld.so” can provide some guidance). It is a best practice to contact the support resources for the third-party application to identify the applicable .so files.