CylanceAVERT release notes
What's new in CylanceAVERT 1.2 (April 2023)
CylanceAVERT1.2 (April 2023)
Support for keyword dictionary
You can now upload a keyword dictionary when creating a data type in this release of
CylanceAVERT. A keyword dictionary is a text file that contains all of the keywords for an information protection data type. All keywords in a keyword dictionary must be entered on a separate line in the text file. For more information, see Add a data type in the setup guide.
Alerts view integration
You can now view if an assigned user policy has been applied to that user and their devices by selecting the user in the
Cylance Endpoint Securityconsole. For more information, see View CylanceAVERT user details in the Administration guide.
Data collection enhancements
Non-ASCII filenames are now valid in evidence upload headers.
You can now select the
CylanceAVERTcustom dashboard when you are adding a new dashboard. The
CylanceAVERTcustom dashboard includes all of the supported
This release adds the "Evidence Locker files by date added" dashboard widget.
Support for partially analyzed files
This release adds the following support for partially analyzed files:
File inventory enhancements
You can now group files in the file inventory based on the following parameters:
Using these group parameters will display the users, devices, or data types name as well as the number of sensitive files associated with that group in the file inventory. This list is sorted by the number of sensitive files in descending order. You can click on the users, devices, or data types name to view detailed information about the sensitive files.
What's new in CylanceAVERT 1.0 (Janurary 2023)
CylanceAVERT1.0 (Janurary 2023)
Sensitive data scanning
CylanceAVERTcan scan files uploaded to USB drives, internet browsers, and email attachments, as well as scan the body content of an email message for company data that the administrator defined as sensitive in the information protection policies. An email notification will be sent for data exfiltration events.
Information protection policies
Administrators can specify the conditions that must be met to trigger the policy violation, the allowed domains for the policy, and the actions to take when a policy has been violated. See Information Protection in the BlackBerry Avert Administration and Overview Guide for more information.
When the conditions are met to trigger a policy violation, information about that data exfiltration event display in the
CylanceAVERTevents view. The events view shows detailed information about the event including the data and time of the event, the location that the file was exfiltrated to, the number of policies that were violated, and the user of the device where the event occurred. See BlackBerry Avert Events in the BlackBerry Avert Administration and Overview guide for more information.
Information protection settings
Administrators can use the information protection settings to configure the sensitive data that they want to monitor for by adding templates and data types to use in an information protection policy. Administrators can also define the browser and email domains that will be allowed and trusted, manage the evidence that they want to collect for data exfiltration events, and specify how long the evidence should be available. Specified email addresses can also be sent notifications of data exfiltration events. See Information protection settings in the BlackBerry Avert Administration and Overview guide for more information.
CylanceAVERTfile inventory creates a record of all the sensitive files in an organization through a file trawling process. See File Inventory in the BlackBerry Avert Administration and Overview Guide for more information.
Administrators can use the evidence locker to view details of the files that have been involved in exfiltration events and download the files to their local storage for auditing purposes. See Evidence locker in the BlackBerry Avert Administration and Overview guide for more information.