What is the CylancePROTECT Application for Splunk?
CylancePROTECTidentifies and blocks malware and cyber threats before they can affect a device.
BlackBerryuses machine learning techniques to effectively render threats useless while using a minimal amount of system resources.
CylancePROTECT Desktoplives in the
Cylanceconsole, which is a cloud-based management console that allows you to view various threat-related events, manage device policies to configure agents on endpoints, and manage global lists for quarantined and safe files. For more information about
CylancePROTECT, see What is CylancePROTECT Desktop?
Splunkis a plugin within your
Splunkenvironment that pulls data from the
Cylanceservices in your
Cylanceconsole to aggregate preconfigured, but customizable, dashboards to monitor, track, and analyze threat data and activity. You can also install the
SplunkEnterprise to further enhance the application's data optimization and collection. This add-on should be installed on
Splunkindexers and forwarders that do not consume data from the threat data report.