- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- Managing CylanceAVERT users
- Manage user groups
- Configure device lifecycle management
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, or domain to a CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
Partially analyzed files
CylanceAVERT
provides visibility into files that are only partially analyzed. When CylanceAVERT
can not fully determine the sensitivity of a file, it appears in the Partially Analyzed Files list. The following are situations in which a file may be only partially analyzed:
- The file is large enough that the scoring engine was not able to fully complete it's analysis before the file was exfiltrated.
- The file is a compressed zip file with multiple levels of hierarchy, where only the initial levels were analyzed.
Based on their sensitivity scores, there are two possible outcomes for a partially analyzed file. Either the file is partially scored and sensitive data is found, or the file is partially scored and sensitive data is not found.
If a file is partially scored and sensitive information is not detected, the file appears in the Partially Analyzed Files list with an alert stating that it was only partially analyzed.
If a file is partially scored and sensitive information is detected, it will be treated the same as a fully scored file, and it appears in the File Inventory, Events view, and Evidence Locker. However, an icon displays beside the file in the tables and detailed views with an alert stating that it was only partially analyzed.