What is our primary use case?
We use it for protecting our endpoints. We have a specific use case involving a closed and secure environment devoid of internet connectivity, where Cylance is utilized due to its ability to operate without requiring updates for at least twelve months.
How has it helped my organization?
We integrate it into our comprehensive cybersecurity strategy, specifically for antivirus and antiviral purposes. CylancePROTECT provides comprehensive endpoint security, including EDR capabilities. Additionally, BlackBerry now offers XDR, similar to other companies like CrowdStrike and SentinelOne.
The AI-driven threat detection of CylancePROTECT has significantly enhanced our organization's security posture. This company has pioneered an AI-based engine that doesn't rely on signatures, thus offering protection for every computer, server, and endpoint without requiring specific signatures for malware or other attacks.
Cylance stands out for pioneering the delivery of a complete AI-driven antivirus engine that relies primarily, if not solely, on AI and machine learning for threat identification. Remarkably, it identifies over 99.7% of global threats.
What is most valuable?
I've found the AI engine in CylancePROTECT to be particularly effective for technology and in preventing unknown threats.
What needs improvement?
Following the acquisition by BlackBerry, there has been a noticeable slowdown in development and the introduction of new features. Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs.
For how long have I used the solution?
I have been working with it for three years.
What do I think about the stability of the solution?
It provides good stability capabilities.
What do I think about the scalability of the solution?
With the cloud-based version of CylancePROTECT, it is easy to download agents and deploy them within seconds, aligning with our organization's policies.
How are customer service and support?
I would rate its customer service and support seven out of ten. It would be preferable to have immediate support from a highly skilled technical team that resolves issues swiftly without the burden of lengthy ticket queues.
How would you rate customer service and support?
What about the implementation team?
Deploying CylancePROTECT is relatively straightforward, but there are areas for improvement to make it even easier. One main issue is the continued existence of two agents for the same solution. Despite discussions over the past few years, merging CylancePROTECT and CylancePROTECT into a single EDR solution with a single agent has yet to be achieved.
Deployment time varies depending on the network, but the implementation of CylancePROTECT is generally rapid, while adding EDR functionality may take longer. There's room for improvement in policy management, as the granularity of policy settings can be complex, especially when monitoring diverse operating systems, environments, and services. Simplifying this aspect would benefit not only large enterprises but also small and medium-sized companies.
The ease of management and deployment of CylancePROTECT does not significantly impact our team's productivity.
What's my experience with pricing, setup cost, and licensing?
Currently, we have competitive pricing for Cylance, which is affordable enough to consider. However, similar pricing can also be obtained from vendors like CrowdStrike and SentinelOne due to the competitive nature of the market. Moreover, with many traditional antivirus solutions now branding themselves as EDR, pricing alone may not be the deciding factor. It often boils down to negotiating discounts aggressively. So, pricing is just one aspect of a complex decision-making process.
What other advice do I have?
My primary recommendations for clients are Cylance (now part of BlackBerry), SentinelOne, and CrowdStrike. These solutions represent the core of what I offer to clients. Cylance, acquired by BlackBerry, has a solid historical track record and offers a reliable solution. However, I find SentinelOne and CrowdStrike to be more innovative in the market. Both companies prioritize endpoint security as their core focus and allocate all their resources to enhance endpoint protection. This dedication is evident in their technology, market strategies, channel management, OEM agreements, brand penetration, growth, and investments. Overall, I would rate it seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller