CylanceOPTICS Overview

CylanceOPTICS is the #28 ranked solution in EDR tools. PeerSpot users give CylanceOPTICS an average rating of 6.0 out of 10. CylanceOPTICS is most commonly compared to Microsoft Defender for Endpoint. CylanceOPTICS is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, whose professionals account for 13% of all views.
CylanceOPTICS Buyer's Guide

Download the CylanceOPTICS Buyer's Guide including reviews and more. Updated: February 2023

What is CylanceOPTICS?

Our cloud-native BlackBerry® Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. And our EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled.

CylanceOPTICS Customers

Cerdant, Washoe County School District

CylanceOPTICS Pricing Advice

What users are saying about CylanceOPTICS pricing:
"I would rate the pricing a three out of five."

CylanceOPTICS Reviews

Solutions Architect at a tech services company with 51-200 employees
Real User
Top 10
Stable with excellent efficacy and a straightforward setup
Pros and Cons
  • "The solution has a high level of trust in the industry."
  • "One minor issue that somebody mentioned was that they didn't like their management console."

What is our primary use case?

Typically, we use machine learning features that we developed over the last half a dozen years to build this product, and therefore we're not a signature-based solution. If there are some anomalies that are taking place, generally we can raise an alarm and beyond just raising an alarm, we can provide some other kind of mitigation. We can maybe block communications or sandbox communications or send an alert as another aspect of control or protection.

What is most valuable?

Their efficacy is pretty good. They're probably in that effectiveness rating of somewhere around 95%. I categorize the solution in that 94% to 97% range in terms of identifying any form of malicious content. 

Historically speaking, they were the technology that identified the big OMB cybersecurity event that happened back in 2015 or something like that. They are well-known for their efficacy, which is a huge plus.

The solution has a high level of trust in the industry. For example, they were used for maybe the Democratic party after the 2016 convention. They had high-ranking, well-known customers that they deal with. 

They do have some other nice features. They do have some behavior analytics features or UEBA features that I've heard are pretty interesting. 

The solution is stable.

I haven't heard anything really negative about technical support.

The initial setup isn't too difficult.

What needs improvement?

One minor issue that somebody mentioned was that they didn't like their management console. I've probably got dozens of people using the product and that was the only negative feedback I've heard. I would try to couch that in terms of saying that that's not the majority that's saying that. That's a small number of customers or even it's really in my case, a single customer kind of thing. However, I'd just like to flag it as a possible issue for some.

Getting into more user-behavior analytics might be interesting. It could, for example, say, "Well gee, what does Steve do on a day-to-day basis?" If I had analytics of that nature, I could see when users log in, check mail, and if they start doing suspicious things, I could get a flag that alerts me. That whole space of behavioral analytics is a hot topic in security and has been for the last half a dozen years. If there are features within the product for behavior analytics, that certainly is interesting.

For how long have I used the solution?

I've been dealing with the solution for as long as I have been at my current job, and that's been about two years at this point.

Buyer's Guide
CylanceOPTICS
February 2023
Learn what your peers think about CylanceOPTICS. Get advice and tips from experienced pros sharing their opinions. Updated: February 2023.
672,785 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution seems to be stable. I haven't heard of any clients complaining. There don't seem to be bugs or glitches. It doesn't crash or freeze. It seems to be reliable.

What do I think about the scalability of the solution?

I haven't heard any negative feedback in regards to scalability. It probably scales to thousands, maybe even tens of thousands in terms of large customer organizations. However, I haven't personally attempted to scale it myself.

How are customer service and support?

Overall, the technical support has a pretty good reputation. I've only ever heard one complaint about it out of all the clients we have. My sense is that they are knowledgeable and responsive. I would likely have heard otherwise if they weren't.

How was the initial setup?

As far as I know, the initial setup is pretty straightforward. 

What was our ROI?

It's always hard to measure in terms of security. At some level, you think of this as table stakes. I have to have a firewall to get in the game. I have to have end-point protection to get in the game. How are we justifying it? Well, let's say that if we wanted to run the math, what would the risks be if we left ourselves open.

In a simple thought process, let's say a security breach costs us $10 million and there's a possibility we can reach five times in the next 10 years, right? That means our annual exposure is $2 million a year or something like that if we did this math. 30% of the time or 20% of the time that could come from an endpoint kind of exposure.

If we ran the math, maybe we could say, "Well gee, then this thing's worth $400,000 a year if it's 100% effective at reducing endpoint exposures." All right, maybe we take half of that number and say $200,000 a year from a cost-benefit analysis. Well, the product, depending on the size of our user community, the product costs maybe $100,000, so that's a good return on investment. I've got this annualized risk exposure of $200,000 and it's costing me $100,000 to protect against and so some would argue that's good business.

What other advice do I have?

We're a reseller. We don't have a business relationship with Cylance.

I'm not sure which version of the solution our clients are using. It might be different versions.

Our clients use both on-premises and cloud deployments. It depends on the customer and their preference. However, generally, I would say most use on-premises more often.

I'd advise new users that they should always start small or start with a small set before they do a big rollout. It's a good idea to test the waters and get a feel for any type of solution before going big.

In general, I would rate it at an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Cyber Security Engineer at a legal firm with 201-500 employees
Real User
Top 10
Provides too many false positives, and doesn't identify potential threats, but the technical support is helpful
Pros and Cons
  • "CylanceOPTICS is pretty stable."
  • "The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. It mistook it for malicious, which turned out to be a false positive."

What is our primary use case?

We use CylanceOPTICS for malicious URLs and malicious processes. 

Malicious processes that we're attempting to be notified about, and similar things.

What needs improvement?

We have been dissatisfied with CylanceProtect and CylanceOPTICS and want to leave within the next several months. It just hasn't been an effective tool.

The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. It mistook it for malicious, which turned out to be a false positive. When this happened, I had to go in and perform something to get them access to Chrome; when they submitted the access to Google Chrome, they received a black screen and couldn't do anything whatsoever.

As you may expect, I received a lot of tickets for that.

It had to be addressed in order for the user to be able to go to what they were attempting to get to. I had to go in and temporarily apply for exclusion and open a ticket.

I don't feel like it is actually protecting us against anything. It provides too many false positives.

For how long have I used the solution?

I have been working with CylanceOPTICS for just over two years.

What do I think about the stability of the solution?

CylanceOPTICS is pretty stable. 

We just didn't find any value compared to what it is doing.

What do I think about the scalability of the solution?

CylanceOPTICS could be scalable. It just didn't work in our situation. Maybe in a different environment, it will work fine. 

We are not happy with the service. It wasn't really identifying potential threats.

I was under the assumption that we would be getting a technology that uses machine learning to identify and block threats. I don't see it doing anything like that right now.

We are an enterprise company.

How are customer service and support?

The technical support personnel I interacted with were good. 

It was a long process with a lot of testing to attempt to get things to work. 

Overall, if I had to rate it on a scale of one to ten, I would rate the technical support an eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

This is my first time dealing with mobile threat defense. We have a vendor in-house that I am going to be working with. They are enabled for our environment, but as far as actual experience with mobile threat defense, no. I don't have that type of experience at all.

I have experience with Blackberry Cylance.

I have some experience with CylancePROTECT, as well as CylanceOPTICS which is part of Cylance Gateway. 

How was the initial setup?

The setup is straightforward. 

You may send it to a GPO, or if you have a tool that can do remote assets, such as Goverlan, you can send it through Goverlan. 

If you opt to push it via Goverlan, make sure the user is connected to the VPN. 

You normally need to be on a VPN, and you simply connect through Goverlan, press a button, and it installs.

There is no user participation required; the user just has to be connected to a VPN if you push through Goverlan, press a button, and then install.

It was also the group policy; we chose to use Goverlan because the tools we use in our environment are routed through Goverlan.

It's really simple. There are two kinds of deployments. You can use the Universal Agent to install both Protect and Optics in one installation, or you can install Protect separately and then Optics separately. We decided to go with the Universal Agent.

What was our ROI?

Protect and Optics as a whole were just not a good fit. I have no positives. Even with exclusions, it just wasn't a good match.

We don't believe we received what we paid for. We don't believe we received our money's worth. I have used it before at other companies. It worked great, but it wasn't effective for us. 

There are a lot of false positives. Even after applying several exclusions, there were numerous false positives.

What's my experience with pricing, setup cost, and licensing?

We received both. We prepared a quotation for a year. It is based on a calendar year. We spent a year on both Protect and Optics.

I would rate the pricing a three out of five.

What other advice do I have?

It wasn't a good fit for us. We were unhappy with it, and while it may have worked better in a different environment, it was not a good match for us.

I would rate CylanceOPTICS a three out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
CTO & Co-Founder at a tech services company with 11-50 employees
Real User
Top 10
Light and effective but cannot scale
Pros and Cons
  • "It's pretty unintrusive"
  • "The reporting is very weak and not very good at all."

What is our primary use case?

The solution is mostly for EDR stuff, basically, to protect a company if it got hit by ransomware. That was one of the biggest worries. That was the main use of it: to monitor and protect at this point.

What is most valuable?

It's pretty unintrusive. It's light and it's pretty effective in the level of response.

The tool itself, it's really good. The client never had any issues afterward.

What needs improvement?

The biggest thing about CylanceOPTICS is that it's really not that scalable for larger companies. We usually have a lot of large, really large companies. Even though some of them went to Cylance, they usually just use the PROTECT piece, and they couldn't scale it. They kept whatever they had - Symantec, McAfee, whatever it was. They went to Cylance due to the fact that it was effective, however, it's hard to segment into groups. It's just not as scalable as some of the more established tools. Most companies will use it as another protection piece, not a replacement. Just a second level.

The reporting is very weak and not very good at all. 

For how long have I used the solution?

I've used the solution for over two years. That's when my company was partnered with Cylance and we installed it and used it ourselves.

What do I think about the stability of the solution?

The solution is pretty stable. It's pretty rock solid.

What do I think about the scalability of the solution?

The largest client, which wasn't that huge, was 300 users on the cloud. We were managing it for them and it was an instance on our companies.

The solution doesn't work well with large companies. It doesn't scale well.

How are customer service and support?

We didn't have to do much on that end. When we did, technical support was really good. It is a very good company.

How was the initial setup?

The initial setup isn't easy or hard. It's in the middle. It requires tuning. You have to tune it due to the false positives and creating the exceptions and stuff like that. However, it was pretty straightforward for us.

In terms of maintenance, we did a lot of work, however, the day-to-day stuff was done by one person on their end. It was fractional. It was a fraction of a full-time person. It's pretty easy to maintain. I did a lot of work with Symantec Endpoint Protection and their ATP products and stuff like that. That took more effort since you had a lot more pieces to it, including firewalls and IPS and device control and a bunch of other things. Cylance, on the other hand, is pretty straightforward. It's just AV and then the ADR piece.

What's my experience with pricing, setup cost, and licensing?

I don't deal with licensing and can't speak to the exact cost of the product. We bundle the cost with our services. We charge clients for our services as well, so it was combined. That said, it wasn't that much even from our side.

What other advice do I have?

Installing the solution is a one-time effort. It's not excessive. The only advice I'd give is what everybody should follow when doing a new product, which is always doing a pilot. In fact, do a couple of pilots in different environments or different groups of people. It's always good to start with your IT people, some subset of it, and then go on to all the departments until it's clear that it's not impacting unsuspecting areas. Especially the main apps.

Overall, I'd give it a seven out of ten. It does a great job at preventing malware, however, the reporting is poor. It's really not very good. And it cannot scale well.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.