Management console and platform services Skip Navigation
  1. BlackBerry Docs
  2. Cylance Endpoint Security
  3. Cylance Endpoint Security Release Notes
  4. Management console and platform services

Management console and platform services

This section contains information about updates to the management console and platform services that impact more than one
Cylance Endpoint Security
 service or the general experience of the console. Console changes that impact specific
Cylance Endpoint Security
 services are described in the respective sections of this guide.

What's new in the management console

Feature
Description
Date added
Alerts view enhancement
The Alerts view now supports CylancePROTECT Desktop memory protection alerts, in addition to the previously supported
CylancePROTECT Desktop
 threat alerts. The
CylancePROTECT Desktop
 cloud services analyze the frequency of identical violation classes and will only surface a unique violation class within a set time period, dramatically reducing the number of unnecessary alerts. This allows you to focus your threat hunting activities on the most relevant events. Note that this feature replaces the existing Protection > Memory Protection view in the management console. The Alerts view will serve as the primary access point for memory protection alerts.
For more information, see Managing alerts across Cylance Endpoint Security services in the
Cylance Endpoint Security
 Administration content.
Sept 2023
Configure the idle timeout for administrators
You can now specify how long a session is allowed to remain idle before an administrator is logged out of the management console.
For more information, see Configure the session and idle timeout limits in the
Cylance Endpoint Security
 Setup content.
Sept 2023
Reauthentication prompt for console session timeout
When an administrator is a few minutes away from the session timeout limit (Settings > Authentication > Settings tab), the console prompts the administrator with a countdown notification that gives the option to authenticate again to continue the session. If the administrator does not actively respond to the prompt, they are logged out of the console when the timeout limit is reached.
For more information, see Configure the session and idle timeout limits in the
Cylance Endpoint Security
 Setup content.
August 2023
Alerts view enhancements
  • The Alerts view now supports alerts from the
    CylancePROTECT Mobile
     app.
  • The Category column has been replaced with a new Classification column and a new Sub-classification column has been added to provide more granular contextual information about alerts.
For more information, see Managing alerts across Cylance Endpoint Security services in the
Cylance Endpoint Security
 Administration content.
August 2023
Support for
CylanceGATEWAY
 events in the Alerts view
For
CylanceGATEWAY
 threat alerts, the Alerts view now supports alerts that are based on the network protection settings that you set. Detections such as IP Reputation, Zero-Day, Signature, and DNS Tunneling alerts are now displayed in the Alerts view. This provides a comprehensive way to review the alerts that are detected by
CylanceGATEWAY
 and makes it easier for you to identify and track threats in your environment and resolve collections of alerts more efficiently. The priority for the alerts is determined by your Network Protection settings.
For more information, see Managing alerts across Cylance Endpoint Security services in the
Cylance Endpoint Security
 Administration content.
July 2023
Tenant identifier
You can now specify whether the tenant ID, name or both should appear in the SIEM solution or syslog server. This value allows you to easily identify the source tenant in a multiple tenant environment.
For more information, see Configure Cylance Endpoint Security to send events to a SIEM solution or syslog server in the
Cylance Endpoint Security
 Syslog content.
June 2023
Syslog enhancements
The syslog message delivery is now using an updated platform for message delivery. The updated platform will provide improved stability and a basis for future enhancements. To ensure uninterrupted delivery of syslog messages to your SIEM solution or syslog server, you must configure them to allow connections from new source IP addresses.
May 2023
Notifications for disabled services
You can now view your notifications for expiring and disabled services in the management console. A notification prompt for new and non-dismissed notifications will display upon login and a message banner will be shown at the top of the console if there are any expiring services.
You can view all of your notifications in the new Notifications tab located in the bottom-left corner of the console.
May 2023
Configure console session timeout
You can specify how long an administrator can remain logged in to the management console before they are signed out, even if the session is active.
For more information, see Configure the session timeout limit in the
Cylance Endpoint Security
 Setup content.
May 2023
Alerts view enhancements
  • CylancePROTECT Desktop
     threat alerts displayed in Protection > Threats with an Unsafe, Abnormal, or Quarantined status now have a New status in the Alerts view. Alerts displayed in Protection > Threats with a Waived status now have a Closed status in the Alerts view.
  • The Detection Detail link that allows you to access more information and actions for an individual alert in other areas of the console will now remain active for 60 days for
    CylancePROTECT Desktop
     threat alerts and for 30 days for other types of alerts.
For more information, see Managing alerts across Cylance Endpoint Security services in the
Cylance Endpoint Security
 Administration content.
March-April 2023
Update client credentials for
Microsoft Azure
 Directory Connections
You can now update the client secret or add both a new client ID and client secret after you have set up a directory connection to Microsoft Azure Active Directory.
For more information, see Update the Microsoft Azure Active Directory connection credentials in the
Cylance Endpoint Security
 Setup content.
March 2023
Alerts view
The new alerts view gives you a comprehensive way to review the alerts that are detected and correlated across
Cylance Endpoint Security
 services, making it easier for you to identify and track prevailing threat patterns in your corporate ecosystem and resolve collections of alerts more efficiently. The correlation of alerts across services offers a more complete view of potential threats and contributes to a more holistic approach to protecting your organization's employees and data.
To view and use the new alerts view, you currently must have an entitlement for CylancePROTECT Desktop or CylanceOPTICS. Future updates will extend the Alerts view to customers with entitlements for other
Cylance Endpoint Security
 services.
The initial release of the alerts view supports alerts from the
CylanceOPTICS
 agent on desktop devices and threat alerts from
CylancePROTECT Desktop
 devices. Future updates will add support for alerts from additional
Cylance Endpoint Security
 services.
For more information, see Managing alerts across Cylance Endpoint Security services in the
Cylance Endpoint Security
 Administration content.
Feb 2023
Evaluate the risk level of a file
You can use the management console to evaluate the risk level of a file, as analyzed and determined by the CylancePROTECT cloud services. This feature gives you insight into how the
CylancePROTECT Desktop
 agent would classify a file that it identifies on a device.
For more information, see Evaluate the risk of a file in the
Cylance Endpoint Security
 Administration content.
Feb 2023
Share dashboards
You can now share dashboards that you create in the management console with other administrators.
For more information, see Share a dashboard in the
Cylance Endpoint Security
 Administration content.
Feb 2023
Administrator controls for discovery of devices not protected by
CylancePROTECT Desktop
Previously, the discovery of devices not protected by
CylancePROTECT Desktop
 was enabled and you did not have the option to disable it. In this release, the management console now includes the option to enable or disable this feature. If you enable the feature, you can discover unprotected devices in your environment for your
Microsoft Azure
Active Directory
,
Microsoft Active Directory
, and LDAP directory connections. When the feature is enabled, all of the known devices that are not protected by
CylancePROTECT Desktop
 are displayed on the Assets > Unprotected Devices page. Enabling or disabling this feature applies to all of the directory connections that you have connected to
Cylance Endpoint Security
.
For more information, see Discover unprotected devices in the
Cylance Endpoint Security
 Administration content.
Jan 2023
Default authentication
To enhance security, the default authenticator for all apps and services except the
Cylance
 console,
CylanceGATEWAY
 agent, and
CylancePROTECT Mobile
 app has been changed from Enterprise password to Deny authentication.
Users that do not have an authentication policy assigned to them are presented with an error message when they try to access apps or services and cannot sign in.
Dec 2022
FIDO
 authenticator
You can now add
FIDO
 as an authenticator in authentication policies. Users can register one or more
FIDO2
 devices during sign in and use them to verify their identity.
Dec 2022

BlackBerry Connectivity Node
 version

BlackBerry Connectivity Node
 version 2.12.1 (bundle 28.11.0). To download the latest version of the
BlackBerry Connectivity Node
, click here.