Skip Navigation
  1. BlackBerry Docs
  2. Cylance Endpoint Security
  3. Cylance Endpoint Security Release Notes
  4. Management console and platform services

Management console and platform services

This section contains information about updates to the management console and platform services that impact more than one
Cylance Endpoint Security
 service or the general experience of the console. Console changes that impact specific
Cylance Endpoint Security
 services are described in the respective sections of this guide.

What's new in the management console

Feature
Description
Date added
Updates to focus view
Previously in Assets > Devices, you could click the option to create focus data for alerts older than 30 days, even though focus data could not be generated due to the age of the alert. In this update, the option to create focus data can no longer be selected for alerts older than 30 days.
For focus data you have already generated, you cannot access the focus data after 90 days have passed.
November 2024
Updates to zone policies
You can now choose to not assign an associated device policy to a zone in the Zones screen. Administrators can use zones to manage devices without an associated device policy while making sure that a device's currently assigned device policy remains unchanged. When devices are added to a zone with the device policy set to None, they will no longer be automatically assigned to an associated device policy.
For more information, see Add and configure a zone.
November 2024
Improvements to Devices grid view
The Devices grid (Assets > Devices) has been improved for an enhanced search experience for managing devices.
  • Ability to easily specify one or more ranges of IP address when filtering the list of devices. The range of IP addresses can also be used for zone rules.
  • A standardized date picker now appears when specifying date fields.
  • Saved queries that can be applied as zone rules are now indicated with an asterisk (*).
  • Ability to specify a field more than once in a query.
  • The Display Name column is now available to search for a named device.
  • Ability to delete recent queries from the list.
October 2024
Duo Universal MFA
You can now add
Duo
 Universal MFA for multi-factor authentication. 
Duo
 has ended support for their
Duo
 Traditional Prompt. For more information, see the Duo Knowledge Base. If you already have the now deprecated
Duo
 MFA authenticator configured, you must add the new
Duo
 Universal MFA authenticator or users might not authenticate successfully. The configured
Duo
 MFA authenticator will be displayed as read only in the
Cylance
 console.
July 2024
New Devices grid view for managing devices
This is a preview of changes to come for the Devices grid that is fully functional and can be used as an alternate way to manage your devices. Enhancements will continue in the near future to add more filter criteria and new experiences.  The following features can be used today:
  • Search for your devices using a query-based experience with multiple expressions, giving you more flexibility to find the devices you want.
  • Save your frequently used queries with a friendly name that is easy to remember so that you can quickly load them later.
  • Saved queries are used to automatically add devices to a zone when you add a zone rule.
  • Adjust the density of information displayed on the grid as well as pin columns for improved legibility.
  • Export a list of more than 10,000 devices at once.
  • Switch between the legacy view and the new view from the top right corner of the (Assets > Devices) screen.
July 2024
Automated zone management
Devices can now be automatically added to a zone when they match the zone rules criteria and also be automatically removed from a zone when they don't match the criteria.
When you add a zone rule to a new zone, you need to specify a saved query (from the new Devices grid view) and whether you want devices to be automatically removed. The list of devices in the results of the saved query indicates the devices that will be automatically added to the zone. It is recommended to run a saved query and verify the list of devices in the results before using it for zone rules.
By default, devices that are added automatically to the zone will follow the zone rules. If the automatic device removal option is selected in the zone rules, devices that follow the zone rules will be automatically removed from the zone when they don't meet the zone rules criteria. You can also manually add devices that ignore the zone rules so they aren't automatically removed from the zone. When managing a zone, you can change whether a device follows or ignores the zone rules.
With the introduction of automated zones, you cannot modify the zone rules of legacy zones that were created prior to this update, but the legacy zones will continue to function as before. To take advantage of the automated zones, you can migrate devices from legacy zones by copying devices to a newly created zone or by creating a new saved query filter using the new device grid and using it for the zone rule. In the new zone, you can change the associated policy and ensure it works properly according to your needs before you remove the legacy zone.
July 2024
Simplify the configuration of a new tenant
When you create a new
Cylance Endpoint Security
 tenant, the tenant now includes preconfigured zones and preconfigured device policies that are designed to help you tune your environment to the desired security posture.
You also have the option to export the configuration of an existing tenant and import it to a new tenant, or to reset a new tenant to use preconfigured zones and preconfigured device policies.
July 2024
Reset password enhancement
When users reset their password, a confirmation message that includes the email address that a reset password email is sent to will be displayed.
June 2024
CylanceMDR
 On-Demand
The
CylanceMDR
 On-Demand subscription is a convenient and helpful option if your organization monitors the alerts that are reported to the
CylanceMDR
 console. With this subscription, you can request
CylanceMDR
 support on demand for any alerts that you think might be a threat but you need the time and expertise of a
CylanceMDR
 analyst to help you resolve it. You can request support from an alert group in the Alerts view in the
Cylance
 console.
CylanceMDR
 analysts are immediately notified with the alert details and can start their investigation and assess the threat. To follow up on the investigation (for example, to share additional details), you can log in to the
CylanceMDR
 (CylanceGUARD) portal and find the alert in the Escalations screen.
For more information, see View and manage aggregated alerts.
May 2024
Alerts view enhancement:
Cylance Assistant
 for
CylanceOPTICS
 alert groups
In the Alerts view, you can use the AI-powered
Cylance Assistant
 to provide a summary analysis of a
CylanceOPTICS
 alert group, and detailed analysis for process artifacts within the group (for example, command line processes). The
Cylance Assistant
 leverages rich cybersecurity knowledge sources to provide valuable information to aid you in your threat investigations.
  • To access the
    Cylance Assistant
     in the Alerts view, you must contact your
    BlackBerry
     account representative to request enablement of this feature.
  • Currently, the
    Cylance Assistant
     is available for
    CylanceOPTICS
     alerts only. Future updates will extend this functionality to other
    Cylance
     products and services.
  • BlackBerry
     does not use any customer data to train the AI that powers the
    Cylance Assistant
    .
May 2024
Alerts view enhancement: Support for script control alerts
The Alerts view now supports
CylancePROTECT Desktop
 script control alerts, including the ability to add a file associated with a script control alert to the global safe list.
April 2024
Alerts view enhancements
  • After you filter alert groups by the desired criteria, you can now select and bulk delete all of the alert groups in the filter results, or select alert groups.
  • You can now export alert groups or the alerts within a group in JSON format.
March 2024
Console sign in enhancement
By default, new tenants now require administrators to enter a one-time password, in addition to the
Cylance
 console password, each time that they try to access the console. Existing customers can update the authentication policy to add the One-Time Password requirement. New tenants can remove the One-Time Password requirement after an administrator sign-in to the console for the first time.
For more information, see Enhanced authentication sign in.
March 2024
User Policy enhancements
The following enhancements have been made to the "Add User or Group" setting (Policies > User Policy) in the management console:
  • You can now search for users and user groups under separate tabs.
  • The search results are displayed in alphabetical order based on a user's or user group's name.
  • By default, a maximum of 50 search results are returned for users and groups, respectively. Administrators must refine their search criteria when more than 50 search results are returned.
February 2024

BlackBerry Connectivity Node
 version

BlackBerry Connectivity Node
 version 2.14.0. To download the latest version of the
BlackBerry Connectivity Node
, click here.