IT Central Station is now PeerSpot: Here's why

CylanceOPTICS OverviewUNIXBusinessApplication

CylanceOPTICS is #19 ranked solution in EDR tools. PeerSpot users give CylanceOPTICS an average rating of 8 out of 10. CylanceOPTICS is most commonly compared to Microsoft Defender for Endpoint: CylanceOPTICS vs Microsoft Defender for Endpoint. CylanceOPTICS is popular among the large enterprise segment, accounting for 41% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 21% of all views.
Buyer's Guide

Download the Endpoint Detection and Response (EDR) Buyer's Guide including reviews and more. Updated: June 2022

What is CylanceOPTICS?

Our cloud-native BlackBerry® Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. And our EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled.

CylanceOPTICS Customers

Cerdant, Washoe County School District

CylanceOPTICS Video

CylanceOPTICS Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Solutions Architect at a tech services company with 51-200 employees
Real User
Top 10
Stable with excellent efficacy and a straightforward setup
Pros and Cons
  • "The solution has a high level of trust in the industry."
  • "One minor issue that somebody mentioned was that they didn't like their management console."

What is our primary use case?

Typically, we use machine learning features that we developed over the last half a dozen years to build this product, and therefore we're not a signature-based solution. If there are some anomalies that are taking place, generally we can raise an alarm and beyond just raising an alarm, we can provide some other kind of mitigation. We can maybe block communications or sandbox communications or send an alert as another aspect of control or protection.

What is most valuable?

Their efficacy is pretty good. They're probably in that effectiveness rating of somewhere around 95%. I categorize the solution in that 94% to 97% range in terms of identifying any form of malicious content.  Historically speaking, they were the technology that identified the big OMB cybersecurity event that happened back in 2015 or something like that. They are well-known for their efficacy, which is a huge plus.The solution has a high level of trust in the industry. For example, they were used for maybe the Democratic party after the 2016 convention. They had high-ranking, well-known customers that they deal with.  They do have some other nice features. They do have some behavior analytics features or UEBA features that I've heard are pretty interesting.  The solution is stable. I haven't heard anything really negative about technical support. The initial setup isn't too difficult.

What needs improvement?

One minor issue that somebody mentioned was that they didn't like their management console. I've probably got dozens of people using the product and that was the only negative feedback I've heard. I would try to couch that in terms of saying that that's not the majority that's saying that. That's a small number of customers or even it's really in my case, a single customer kind of thing. However, I'd just like to flag it as a possible issue for some. Getting into more user-behavior analytics might be interesting. It could, for example, say, "Well gee, what does Steve do on a day-to-day basis?" If I had analytics of that nature, I could see when users log in, check mail, and if they start doing suspicious things, I could get a flag that alerts me. That whole space of behavioral analytics is a hot topic in security and has been for the last half a dozen years. If there are features within the product for behavior analytics, that certainly is interesting.

For how long have I used the solution?

I've been dealing with the solution for as long as I have been at my current job, and that's been about two years at this point.
Buyer's Guide
Endpoint Detection and Response (EDR)
June 2022
Find out what your peers are saying about BlackBerry, Microsoft, Fortinet and others in Endpoint Detection and Response (EDR). Updated: June 2022.
610,190 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution seems to be stable. I haven't heard of any clients complaining. There don't seem to be bugs or glitches. It doesn't crash or freeze. It seems to be reliable.

What do I think about the scalability of the solution?

I haven't heard any negative feedback in regards to scalability. It probably scales to thousands, maybe even tens of thousands in terms of large customer organizations. However, I haven't personally attempted to scale it myself.

How are customer service and support?

Overall, the technical support has a pretty good reputation. I've only ever heard one complaint about it out of all the clients we have. My sense is that they are knowledgeable and responsive. I would likely have heard otherwise if they weren't.

How was the initial setup?

As far as I know, the initial setup is pretty straightforward. 

What was our ROI?

It's always hard to measure in terms of security. At some level, you think of this as table stakes. I have to have a firewall to get in the game. I have to have end-point protection to get in the game. How are we justifying it? Well, let's say that if we wanted to run the math, what would the risks be if we left ourselves open. In a simple thought process, let's say a security breach costs us $10 million and there's a possibility we can reach five times in the next 10 years, right? That means our annual exposure is $2 million a year or something like that if we did this math. 30% of the time or 20% of the time that could come from an endpoint kind of exposure.If we ran the math, maybe we could say, "Well gee, then this thing's worth $400,000 a year if it's 100% effective at reducing endpoint exposures." All right, maybe we take half of that number and say $200,000 a year from a cost-benefit analysis. Well, the product, depending on the size of our user community, the product costs maybe $100,000, so that's a good return on investment. I've got this annualized risk exposure of $200,000 and it's costing me $100,000 to protect against and so some would argue that's good business.

What other advice do I have?

We're a reseller. We don't have a business relationship with Cylance. I'm not sure which version of the solution our clients are using. It might be different versions. Our clients use both on-premises and cloud deployments. It depends on the customer and their preference. However, generally, I would say most use on-premises more often. I'd advise new users that they should always start small or start with a small set before they do a big rollout. It's a good idea to test the waters and get a feel for any type of solution before going big. In general, I would rate it at an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CTO & Co-Founder at a tech services company with 11-50 employees
Real User
Top 20
Light and effective but cannot scale
Pros and Cons
  • "It's pretty unintrusive"
  • "The reporting is very weak and not very good at all."

What is our primary use case?

The solution is mostly for EDR stuff, basically, to protect a company if it got hit by ransomware. That was one of the biggest worries. That was the main use it, was to monitor and protect at this point.

What is most valuable?

It's pretty unintrusive. It's light and it's pretty effective in the level of response.

The tool itself, it's really good. The client never had any issues afterward.

What needs improvement?

The biggest thing about CylanceOPTICS is that it's really not that scalable for larger companies. We usually have a lot of large, really large companies. Even though some of them went to Cylance, they usually just use the PROTECT piece, and they couldn't scale it. They kept whatever they had - Symantec, McAfee, whatever it was. They went to Cylance due to the fact that it was effective, however, it's hard to segment into groups. It's just not as scalable as some of the more established tools. Most companies will use it as another protection piece, not a replacement. Just a second level.

The reporting is very weak and not very good at all. 

For how long have I used the solution?

I've used the solution for over two years. That's when my company was partnered with Cylance and we installed it and used it ourselves.

What do I think about the stability of the solution?

The solution is pretty stable. It's pretty rock solid.

What do I think about the scalability of the solution?

The largest client, which wasn't that huge, was 300 users on the cloud. We were managing it for them and it was an instance on our companies.

The solution doesn't work well with large companies. It doesn't scale well.

How are customer service and support?

We didn't have to do much on that end. When we did, technical support was really good. It is a very good company.

How was the initial setup?

The initial setup isn't easy or hard. It's in the middle. It requires tuning. You have to tune it due to the false positives and creating the exceptions and stuff like that. However, it was pretty straightforward for us.

In terms of maintenance, we did a lot of work, however, the day-to-day stuff was done by one person on their end. It was fractional. It was a fraction of a full-time person. It's pretty easy to maintain. I did a lot of work with Symantec Endpoint Protection and their ATP products and stuff like that. That took more effort since you had a lot more pieces to it, including firewalls and IPS and device control and a bunch of other things. Cylance, on the other hand, is pretty straightforward. It's just AV and then the ADR piece.

What's my experience with pricing, setup cost, and licensing?

I don't deal with licensing and can't speak to the exact cost of the product. We bundle the cost with our services. We charge clients for our services as well, so it was combined. That said, it wasn't that much even from our side.

What other advice do I have?

Installing the solution is a one-time effort. It's not excessive. The only advice I'd give is that everybody should follow when doing a new product, which is always doing a pilot. In fact, do a couple of pilots in different environments or different groups of people. It's always good to start with your IT people, some subset of it, and then go on to all the departments until it's clear that it's not impacting unsuspecting areas. Especially the main apps.

Overall, I'd give it a seven out of ten. It does a great job at preventing malware, however, the reporting is poor. It's really not very good. And it cannot scale well.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Endpoint Detection and Response (EDR) Report and find out what your peers are saying about BlackBerry, Microsoft, Fortinet, and more!
Updated: June 2022
Buyer's Guide
Download our free Endpoint Detection and Response (EDR) Report and find out what your peers are saying about BlackBerry, Microsoft, Fortinet, and more!