Skip Navigation
  1. BlackBerry Docs
  2. Cylance Endpoint Security
  3. Cylance Endpoint Security Data Collection and Use
  4. How Cylance Endpoint Security products collect and use data
  5. How CylanceAVERT collects and uses data

How
CylanceAVERT
 collects and uses data

For complete information about this product, see the Cylance Endpoint Security docs.
Item
Data collection and use
Collection of admin user data
BlackBerry
 collects and processes the following information about administrators to authenticate authorized administrators and deliver application alerts:
  • Username
  • First name
  • Last name
  • Email address
Collection of user account data
BlackBerry
 collects and processes the following information about user accounts to provide application functionality and support service delivery:
  • Username
  • User unique identifier
  • Display name
  • Email address
  • User title
  • User department
Collection of endpoint data
BlackBerry
 collects and processes the following information about the configuration of a device endpoint to provide application functionality and support service delivery:
  • Hostname
  • FQDN
  • IP addresses
  • OS type
  • OS version
  • Service packs
  • Application build
  • Client type
  • Processor type
  • Device unique identifier
  • Preferred language
Collection of file inventory data
BlackBerry
 collects and processes the following information from the file inventory to identify sensitive documents and provide the risk assessment:
  • File hashes
  • Name of document
  • Document unique identifier
  • File type
  • File size
  • Device unique identifiers
  • User with access to the file
  • Devices with access to the file
  • Name of the policy that was triggered
Collection of web browser exfiltration events
BlackBerry
 collects and processes the following information about web browser exfiltration events to mitigate potential data loss:
  • Date and time of the event
  • Name of the policy that was triggered
  • Client source
  • Application name
  • Machine learning model
  • Document name
  • File type
  • File hash
  • Document unique identifier
  • URL
  • Page title
  • File path
  • File last modified timestamp
Collection of email message exfiltration events
BlackBerry
 collects and processes the following information about email message exfiltration events to mitigate potential data loss:
  • Date and time of the event
  • Name of the policy that was triggered
  • Client source
  • Email client name and version
  • Document name
  • File type
  • File hash
  • Document unique identifier
  • Email subject line
  • Email recipients
Collection of local file transfer exfiltration events
BlackBerry
 collects and processes the following information about local file transfer exfiltration events to mitigate potential data loss:
  • Date and time of the event
  • Name of the policy that was triggered
  • Client source
  • Document name
  • File type
  • File hash
  • Document unique identifier
  • Document source
  • Document destination
  • Hostname
  • Device unique identifier
  • Username
  • User unique identifier
  • Email
  • Title
  • Department
  • File size
  • Number of policy violations
Collection of file snippets
BlackBerry
 collects samples of the specific text that triggers the information protection policy. Depending on the configuration of the customer’s information protection policies, the file snippet may contain sensitive information, including personal data.
This feature is disabled by default.
Collection of evidence files
BlackBerry
 collects the entire document which contains the text that triggered the customer’s information protection policy. Depending on the configuration of the customer’s information protection policies, the evidence file may contain sensitive information, including personal data.
This feature is disabled by default.
Collection of administrator login data
BlackBerry
 collects the login activity from the administrators or operators of customer tenant, including the following information:
  • Date/time
  • User unique identifier
  • Status
  • Account name
Data sharing or forward processing
BlackBerry
 uses the identified information to facilitate the performance of the End User License Agreement under which
BlackBerry
 services and products are offered. This data is only shared with necessary third-party services needed to fulfill the intended purpose of these services.
BlackBerry
 will not sell, lease, or otherwise distribute this information beyond what is disclosed below.
Cross-border data transfers
CylanceAVERT
 customers select the geographic location for their tenant, which is where the personal data that is used to manage the customer’s service and the collected endpoint data is stored. Data is not transferred from the chosen customer’s tenant location to any other geography without customer instruction. The data that is collected is stored by
Amazon Web Services
, in a location of the customer's choice:
  • Northern Virginia, US
  • Oregon, US
  • Frankfurt am Main, Germany
  • Sao Paulo, Brazil
  • Tokyo, Japan
  • Sydney, Australia
Additional sub-processors
MessageBird: provides a Simple Mail Transport Protocol (SMTP) relay service for email alerts generated by the operation of the product. Collects email address data.