IT Central Station is now PeerSpot: Here's why

CylancePROTECT OverviewUNIXBusinessApplication

CylancePROTECT is #17 ranked solution in endpoint security software. PeerSpot users give CylancePROTECT an average rating of 8 out of 10. CylancePROTECT is most commonly compared to CrowdStrike Falcon: CylancePROTECT vs CrowdStrike Falcon. CylancePROTECT is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 25% of all views.
CylancePROTECT Buyer's Guide

Download the CylancePROTECT Buyer's Guide including reviews and more. Updated: July 2022

What is CylancePROTECT?

Blackberry Protect is a next generation artificial intelligence (AI) based endpoint protection platform (EPP) that prevents breaches and provides added controls for safeguarding against sophisticated cyberthreats. It uses predictive analysis to quickly and accurately find even the most advanced threats before they ever take place. Blackberry Protect’s cloud-based supercomputer mines hundreds of millions of files from all over the cloud, allowing it to predict and stop any hacker dead in their tracks.

Blackberry Protect runs on a lightweight agent and requires no internet connection. Instead of taking up massive amounts of computing power, it typically requires less than 1% of a system’s available computing resources. In addition, it only needs to be upgraded if the model is improved, which means that you can run it on your local servers and have constant and uninterrupted access to it.

Benefits of Blackberry Protect

Some of the benefits of using Blackberry Protect include:

  • The use of advanced AI analytics to provide extremely fast protection. The solution scans any and all applications that attempt to execute commands in your system. If it determines that the application is a threat, then it will respond to the threatening action within milliseconds. The anti-viral software will cancel or disallow any actions that the application attempts to initiate.
  • Minimizing of potential threats by cutting off the access of unauthorized devices. Blackberry Protect allows users to determine which devices are allowed to run on their network. It enforces the security rules that your system administrators set and denies hackers the ability to penetrate your system through unapproved devices.
  • Uses less computing power while still providing your system with a robust level of protection. Blackberry Protect runs on a lightweight agent that requires you to devote a fraction of the computing power that similar solutions require. This ensures that your system does not have to sacrifice security for processing power.

Reviews from Real Users

The Blackberry Protect software stands out among its competitors for a number of reasons. Two major ones are the artificial intelligence and machine learning algorithms that the solution uses to detect and deal with threats and the ability to scale your level of protection according to your needs.

PeerSpot user Donald D., the owner of Terra Controls, notes the value of having both artificial intelligence and machine learning in a single product when he writes, “The most valuable feature is the AI and ML-based virus protection that does not rely on signature-based detection methods. The way this product works is that it does not go to a central server to pick up the latest virus definitions. Instead, it's a processor-powered search that checks to see if anything out of the ordinary is running on your machine. It looks for anomalies and cancels processes that do not look normal. For example, if a program tries to read the registry and then make a change, but it hasn't been authorized, then it is assumed to be a bad actor and the process is canceled or the action is disallowed.”

PeerSpot user Orlando B., Head of Systems at SKN Caribecafe Ltda, noted how this program is not a one-size-fits-all solution when he writes, “The solution is very good at quickly and easily changing the levels of protection for each computer and server. It's very easy to control and to see what is happening with each computer. It's very easy to choose which computer I can look at and check.”

CylancePROTECT was previously known as Blackberry Protect.

CylancePROTECT Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit

CylancePROTECT Video

CylancePROTECT Pricing Advice

What users are saying about CylancePROTECT pricing:
  • "The product cost is about $5, per user, per month."
  • "We pay our license on a yearly basis and have just renewed for two years."
  • CylancePROTECT Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Gordon Powell - PeerSpot reviewer
    OT Cyber Security Principal Consultant at Jacobs Engineering Group Inc.
    Consultant
    Top 10
    An outstanding product that is pretty spot on and easy to deploy and use
    Pros and Cons
    • "The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
    • "It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."

    What is our primary use case?

    I direct our design and engineering teams, and we craft solutions for on-premises or autonomous networks in the industrial industry, such as oil and gas, water, and manufacturing. We use this solution as a layered defense for the defense strategy for our on-premises clients. An attractive thing about this solution is that it uses AI official algorithms to not only discover known stuff but also to discover anomalous behavior and things that are out of the ordinary. It is not just signature-based; it is an algorithm or AI and machine learning.

    How has it helped my organization?

    From an administrative overhead point of view, there is a 75% reduction in administrating the solution.

    What is most valuable?

    The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it.

    What needs improvement?

    It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus.
    Buyer's Guide
    CylancePROTECT
    July 2022
    Learn what your peers think about CylancePROTECT. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,190 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been using this solution for about a year and a half.

    What do I think about the stability of the solution?

    It has been rock solid. We haven't had any hiccups in terms of compatibilities and server uptime. Everything, such as application and reliability, is there. It is very strong.

    What do I think about the scalability of the solution?

    It scales extremely well. We're on the low end of the quantity, but it scales up into tens of thousands very easily.

    How are customer service and support?

    We have the ability to go right into critical because of our partnership level with them. Their support has been exemplary.

    How was the initial setup?

    The initial setup is pretty straightforward. Our guys are trained up in it. 

    What other advice do I have?

    They like to see licensing at a higher level. That's not the norm for on-premises economist environments in the industrial industry. If you're an integrator versus an end user, they like to look at the quantity. Even though they like to start at quantities less than a thousand, it is cumulative. I've got a thousand clients at a hundred, so now I've got a 100,000. Therefore, don't let the scalability, where they like to play in tens of thousands, dissuade you from incorporating this product. It is quite different from the standard signature-based approach to endpoint protection. At first, you're a little worried because you're so used to staying on top of it or having to stay on top of it versus building a level of trust that it is actually working, and I don't need to mother it. I would rate CylancePROTECT a nine out of ten. I'll never give anybody a ten because that's a perfect world, and we don't live in a perfect world. This rating is based on my experience with Cylance from the onset, learning the product, working with it to roll it out, working independently, and interfacing with the client. It has been very outstanding.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Senior Network Administrator at a financial services firm with 51-200 employees
    Real User
    Top 5
    Inconsistent stability with a difficult uninstall, although deployment of updates is easy
    Pros and Cons
    • "The deployment of updates is easy."
    • "While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."

    What is our primary use case?

    We use this solution for endpoint protection for our external devices and laptops.

    What is most valuable?

    The deployment of updates is easy.

    What needs improvement?

    Not having OPTICS doesn't allow us to do any history. We don't have OPTICS, but FortiEDR comes with things like OPTICS, which is nice because we are not able to see more. 

    OPTICS gives you things that FortiEDR has built in. For Cylance, there is an add-on to do the things that come with that solution.

    It would be nice if Cylance didn't separate PROTECT and OPTICS and put them together and made them on the same price point as FortiEDR, and some other ones rather than having to pay extra for something that the others already have built-in, and seen to do better.

    It often lets you waive something for the firm or for the whole company and then comes back and blocks the same thing because you have to do the certificate instead of the hash. You are finding yourself having to approve for the same program, the same application, the same file more than once and it's frustrating.

    While the deployment of updates is easy, it would be good to have some more information about which version to use, because the versions that are available seem to be outdated. 

    When you go to the admin section, you will see that you will have the latest update from months ago and a month before that, and a month before that. 

    I have a hard time believing that there are no more updates in between when there are things that are out all the time. It just doesn't make you feel like you're getting covered or have the best protection, which you should have. 

    For how long have I used the solution?

    I have been using this solution for two years.

    We are using one of the newer versions. I don't always install the updates.

    What do I think about the stability of the solution?

    The stability varies. It's not consistent and it's frustrating.

    Things that are blocked, you waive and it comes back. It's very frustrating. It doesn't keep up with the machines. 

    You have a lot of machines and if you reimage a lot you will see many duplicates that you have to export and remove from figuring out which one's the MAC address. It should have an easy way to know that a machine is re-imaged, and not adding to your list of devices.

    You end up having all these devices that are no longer being scanned that you have to figure out what they are. It is frustrating.

    What do I think about the scalability of the solution?

    We have approximately 200 users in our organization. It's for everyone in our accounting firm, who are accountants, auditors, IT, and HR accounting.

    We don't have plans to continue using this solution, we are considering other options.

    How are customer service and technical support?

    We don't go through technical support directly. We go through a reseller and they take care of it. We have never directly talked to BlackBerry or Cylance about any issues that we have had.

    Which solution did I use previously and why did I switch?

    Previously, we had McAfee ePO. We changed to CylaneProtect, a solution that we felt would be a better fit, and that was not managed in-house, on a local server that we used for that. It was time to move on from that.

    How was the initial setup?

    The initial setup was fine. It's doesn't take a long time to deploy.

    Uninstalling is difficult. Sometimes it doesn't remove easily, and that is frustrating. 

    It would be nice if it had an uninstalled feature within the dashboard, in the SAS part of the application online, because it would do everything itself. Unless it is something that I have missed or that I didn't see. 

    With FortiEDR you can go in, and you can uninstall from the dash, find the endpoint you right-click, or you click a button, then you choose to uninstall and it pulls it from the machine. You don't have to put in any keys, or anything. It does it from there. I don't believe that Cylance does that, but it would be nice if it did.

    We have a team of two, myself and my colleague maintain this solution.

    What about the implementation team?

    The deployment and implementation were completed in-house.

    What other advice do I have?

    I would advise that they keep in mind what it doesn't do and be open to looking at things that include more and cost less.

    I would rate CylanceProtect a four out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    CylancePROTECT
    July 2022
    Learn what your peers think about CylancePROTECT. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,190 professionals have used our research since 2012.
    Sean Muller - PeerSpot reviewer
    IT Security manager at a energy/utilities company with 201-500 employees
    Real User
    Top 5Leaderboard
    Scalable product, needs work on false positives detection and application integration
    Pros and Cons
    • "The most functional item that we use is the process to turn off the false flags that it causes."
    • "They could improve on the false positives, reporting and whitelisting features."

    What is our primary use case?

    We put the product on all of our desktops and servers.

    How has it helped my organization?

    The solution has broken down the organization by taking down the network about six times in two years.

    What is most valuable?

    The most functional item that we use is the process to turn off the false flags that it causes.

    What needs improvement?

    They could improve on the false positives, reporting and whitelisting features.

    For future releases, it would be helpful to have an easy uninstall button. The reason being, unless you connect the system to the internet, which you may not want to do, Cylance cannot be uninstalled easily. They claim it's practically impossible. If you have access to the online admin panel, it's very easy to uninstall Cylance. There is no easy way to uninstall locally. I have read online there is a convoluted way with a series of reboots and safety reboots that you could possibly do it locally.

    For how long have I used the solution?

    I have been using it for about two years.

    What do I think about the stability of the solution?

    It is not stable. The solution has caused six crashes over two years, with one of them requiring us to rebuild all of our Windows 10 devices.

    What do I think about the scalability of the solution?

    Scalability is pretty good. We have around 100 users using the solution. However, when we rebuild new desktops, we're not installing it on them.

    Which solution did I use previously and why did I switch?

    We have used Symantec before and a MSSP came in with a package to help us get more secure, but it really was a failure.

    What was our ROI?

    The biggest issue we have with the product is it gives false positives.

    What other advice do I have?

    Beware and work out a process to restore items that were deleted by false flags.

    Work out a process to investigate any odd behaviour or troubleshooting tickets with open source software being even a small sub-component.

    For the majority of installs, the Cylance is going to break because of the small sub-component that's open-source that is out of date. Always no matter what problem is happening, double-check to see if there were any flags in Cylance because it's probably going to be Cylance blocking something along the line. It will drive you nuts to work with your third-party technical support to track down an issue to then find out it was Cylance blocking one small facet of it.

    Work out all those details with your Cylance team first, this way, whenever you have an issue, you can identify that Cylance is involved because it's involved in everything.

    An example of an issue we were having was while we were trying to install a check scanner the install did not work. Cylance was blocking an old open source piece of software that comes from Kodak that you can't update because Kodak says it is the latest version of our installer for the check scanner. The installer for the check scanner includes the open-source piece of software from Kodak that's out of date. This causes the entire check scanner not to work, Cylance blocks the main installation because of the sub-installation of the open-source software.

    Make sure your ducks are in a row so that you can detect when Cylance is causing an issue, report it and get it whitelisted. If you do not, you're going to spend an inordinate amount of time figuring out whether or not Cylance did something to block you, whitelisting and then more time justifying why you need it whitelisted.

    I'm sure we were much more protected with it on, but the problem is if you're protecting me from my network being taken down, by taking my network down, you are not protecting it. For this reason, I rate CylancePROTECT a five out of ten.  

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Vice President Operations at a construction company with 11-50 employees
    Real User
    Top 10
    Easy to manage and deploy with a single-pane-of-glass to manage threats and updates
    Pros and Cons
    • "You can manage all the threats and everything from a centralized dashboard."
    • "It provides good insight into the programs, applications, or websites that may need attention."
    • "It is extremely simple to manage and deploy."
    • "The product does not do a lot of reporting on what it is taking care of. Enhanced reporting would be a welcome improvement."

    What is our primary use case?

    CylancePROTECT came packaged with our HR and IT management system, which was a selling point. It allows us to ensure that every single computer is always up to date as far as vulnerability protection and we can manage all the threats and everything from a centralized dashboard.  

    How has it helped my organization?

    We can see what is going on and that really allows us to have good insight into the programs that we should be working on, the applications or websites that may need attention — those type things. That insight has been a real positive for us so far.  

    What is most valuable?

    I think Cylance has just done a great job for us so far. I think that is the headliner for our experience with the product. The computer interface really has next to nothing on it, which is nice. You see what you need to see and there are really no distractions or extra noise.  

    We have not had anything major come up that the product has not handled — at least not that we have known of. There have been a total of zero issues.  

    What needs improvement?

    I would like to see a little bit of additional reporting or insight as to what it is doing exactly. I do not think I need anything else included in the next release that I know of. Honestly, just improvement in the reporting would be good enough.  

    For how long have I used the solution?

    I have been using Cylance PROTECT for two or three months.  

    What do I think about the stability of the solution?

    The stability of CylancePROTECT is great.  

    What do I think about the scalability of the solution?

    The scalability of CylancePROTECT is very good. We have about 15 staff members in your organization currently using the product on a variety of devices.  

    How are customer service and technical support?

    I have not had to call technical support during the time we have been using the product because we have had zero issues.  

    Which solution did I use previously and why did I switch?

    We did use other products before CylancePROTECT. I used Kaspersky Internet Security for a long time before we moved over to CylancePROTECT. We used Kaspersky Internet Security because it was a great fit for us.  

    In comparison, the only thing that I would say about Kaspersky is that sometimes on startup it would kind of slow the computer down a bit. It took up a lot of resources. It would just last for a short period of time on startup and then that would be it. Everything would return to normal.  

    The other thing was that, as a growing company, it was difficult to manage all the installs. To make sure that Kaspersky was provisioned out to every computer and that it was always up to date made for a little more maintenance than seemed necessary. That extra maintenance was really what influenced our decision to move over to the CylancePROTECT product.  

    How was the initial setup?

    The initial installation and setup are straightforward.  

    What about the implementation team?

    We did use a reseller for our initial deployment.  

    What's my experience with pricing, setup cost, and licensing?

    I believe the product cost is about $5, per user, per month.  

    What other advice do I have?

    CylancePROTECT is going to tell you if there are any issues and you are going to be able to see everything from one single dashboard. If there are any issues on any computers across your whole architecture you will know about it.  

    If there were advice that I would give to someone thinking about working with CylancePROTECT, I would just say it is extremely — extremely — simple to manage and deploy.  

    On a scale of one to ten (where one is the worst and ten is the best), I would rate CylancePROTECT as a ten-out-of-ten as per our experience with it thus far.  

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Orlando Barbosa - PeerSpot reviewer
    Head of Systems at SKN Caribecafe Ltda
    Real User
    Top 10
    Easy to adjust protection levels, very stable, and scalable
    Pros and Cons
    • "The solution is very quick at easily changing the levels of protection for each computer and the server."
    • "The company that sells us the licenses sometimes doesn't know how to do certain things."

    What is our primary use case?

    We primarily use the solution to protect us against ransomware.

    What is most valuable?

    The solution is very quick at easily changing the levels of protection for each computer and the server. It's very easy to control and to see what is happening with each computer. It's very easy to choose, which computer I can look at and check. 

    What needs improvement?

    It would be very important to have any kind of utility in the computer for Cylance to install monitoring into it in a simpler way. A computer should be able to self-scan on command. It is not easy to do that just yet. 

    The company that sells us the licenses sometimes doesn't know how to do certain things. They should be offered more training or something, or maybe we could cover out channels ourselves and could have the knowledge of how to do everything ourselves without a third party needing to be involved.

    For how long have I used the solution?

    I started using the solution for seven months or so.

    What do I think about the stability of the solution?

    The stability is quite good. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable.

    What do I think about the scalability of the solution?

    The solution is very scalable. There aren't any issues with expanding the product.

    At this time, we have about 18 people on the solution.

    How are customer service and technical support?

    We haven't needed to reach out to technical support just yet. Therefore, I can't speak to their level of knowledge or responsiveness.

    Which solution did I use previously and why did I switch?

    We previously used McAfee. We were worried the solution wouldn't be able to effectively protect us, so we looked for other options.

    How was the initial setup?

    The initial setup was a little bit complex. We had to take some time learning the machines and how to protect ourselves. That part of the implementation took a good amount of time.

    We had a few problems setting everything up, and with those issues, it took us maybe two months to deploy the product in total.

    We currently have one person that handles the maintenance of the solution for us. He's an engineer.

    What about the implementation team?

    We did have one outside person that assisted us with the setup.

    We have a couple of issues surrounding licensing. The person who assisted us had a couple of problems trying to integrate another set of licenses that we had before.

    What other advice do I have?

    I don't know exactly which version we're using. A person in charge of that in our office was the person who looked for the product. I just read some things about it and I found that it was a very good product. 

    We have been trained to learn how to use the product and now we have a very good experience with it. The problem is, for me, sometimes it creeps into the computers and into the servers that we want to get running. Sometimes it has problems. That said, it's a very good product. We are okay with how it works.

    I would recommend Cylance. I think it's very good and very stable. The only thing to keep in mind is you to have a very good channel and someone who really knows how to use the console and everything

    Overall, I would rate the solution at a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Vice President Product and Strategy at a tech company with 201-500 employees
    Real User
    Top 10
    Scalable, with a straightforward setup and good virus protection
    Pros and Cons
    • "A user can continue to add endpoints and the solution will continue to perform well."
    • "Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."

    What is our primary use case?

    I primarily use the solution for security purposes. I use it for endpoint protection and response. That's the only real use case for us.

    What is most valuable?

    The product works pretty well. It does a good job catching good viruses. While we haven't had a chance to test against any kind of ransomware attack, I know it works great and I'm not worried about its capabilities in that respect.

    The initial setup was straightforward. 

    The solution has proven itself to be very stable and unobtrusive.

    A user can continue to add endpoints and the solution will continue to perform well.  

    Technical support is helpful and responsive. 

    What needs improvement?

    Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal. 

    For how long have I used the solution?

    I've used the solution for only a few months at this point. It hasn't been too long. It's still rather new to me. 

    What do I think about the stability of the solution?

    The solution's stability is good. Most importantly, it is unintrusive. Even when it really goes through a lot of resources, it remains pretty stable. There are no bugs or glitches. It doesn't crash or freeze. it's reliable.

    What do I think about the scalability of the solution?

    The scalability is very good. I can add additional endpoints and the solution continues to perform well. If a company needs to expand, it should be able to do so with no problem. 

    We have thousands of departments. We are quite a sizeable business. 

    How are customer service and technical support?

    My understanding is that technical support is quite good. I don't deal with them directly, however, I have heard that they are helpful and responsive. I would say that we are satisfied with the level of support we receive.

    Which solution did I use previously and why did I switch?

    I've used both Cylance and SentinelOne. I have more experience with SentinelOne.

    However, they are very similar in terms of their offering. both offer good performance and are AI-driven with good machine learning capabilities. Neither has an impact on an endpoint's performance levels. They offer good protection as well. The biggest difference is that SentinelOne has a rollback feature, which is something Cylance should consider adding. 

    How was the initial setup?

    The initial setup is not complex. It's very straightforward and very easy to deploy. A company would not have any issues with the process. 

    What's my experience with pricing, setup cost, and licensing?

    I don't have any information in relation to the pricing or the licensing. it's not an aspect of the solution I deal with. 

    However, I can say that it's my understanding that it is 20% less expensive than SentinelOne.

    What other advice do I have?

    We are Cylance partners.

    I'm not sure which version of the solution we're using. It's likely the most up-to-date version. They update them quite often.

    I'd advise companies considering the solution to take some time to do a proof of concept to see how it would react in their environment and then decide if it is the right solution for them.

    I would rate the solution at an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    President at a security firm with 11-50 employees
    Real User
    Top 10
    Good last line of defence with capabilities to detect attacks but needs to reduce false positives
    Pros and Cons
    • "In most cases, the solution's ability to detect in the MITRE framework, and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful."
    • "The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."

    What is our primary use case?

    The solution is primarily used as the last line of defense for the customer. In regards to network security technologies that focus on protecting the network, the endpoint, if something gets through, someone brings it in, the endpoint protection will actually, as our last line of defense, detect it, prevent it from executing, and in some cases, actually remediate the issue. This solution is the last line of defense within your organization for events such as a breach and it also protects users.

    What is most valuable?

    In most cases, the solution's ability to detect in the MITRE framework and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful.

    What needs improvement?

    The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening.

    I can't speak to the solution lacking any features per se.

    For how long have I used the solution?

    In terms of reviewing the product, I've been dealing with it for about four or five years.

    What do I think about the stability of the solution?

    The stability isn't something that we measure. We're consultants and we just advise clients on if the solution is protecting them correctly or not. We don't look at stability issues.

    What do I think about the scalability of the solution?

    As consultants, we don't look at scaling. It's not an aspect of the solution I can comment on.

    How was the initial setup?

    We don't integrate or set the system up. I couldn't speak to how the deployment process happens, or how easy or hard it is. That's not an aspect of the solution we handle. We have nothing to do with implementing or managing the solution.

    What about the implementation team?

    We don't handle the implementation process at all or advise clients on it.

    Which other solutions did I evaluate?

    We deal with a variety of other solutions in the market. It depends on which our clients are working with. We evaluate their security based on what they have. Sometimes it's Cylance, however, that's not always the case.

    What other advice do I have?

    We're consultants. We don't have a direct relationship with Cylance. We are working with clients on security, and handle assurance-type work for them. We're not specifically working with Cylance, however, in some cases, we may be providing it from a security review standpoint. We'd look at the client and at the product and ask: Do they have it configured properly? Are they using it properly in their overall security strategy? et cetera.

    We're not managing it, we're not integrating it or installing in anything in that. We just look at it from a security review or assessment standpoint and tell the customer whether or not they have it properly implemented based upon what they're trying to accomplish.

    Clients may use a hybrid or a cloud deployment model and may have it on various clouds, such as AWS or Azure.

    I general, I would rate the solution at a seven out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    IT Infrastructure Manager at a financial services firm with 51-200 employees
    Real User
    Top 5
    Good security, cloud-based administration, lightweight, and stable
    Pros and Cons
    • "We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting."
    • "We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."

    What is our primary use case?

    We are currently using Blackberry Protect as our main endpoint solution, for threat prevention, script control, and scanning of malware. This is the core functionality of the Protect module.

    We have the Blackberry Optics, which is the AI module of Blackberry Protect. It is called Blackberry Protect Plus Optics. The Optics feature logs all of the behavior of the servers. For example, when someone runs a PowerShell script and it blocks, it will learn the behavior and knows what to do the next time another user triggers that specific functionality.

    It is currently deployed on-premises but our administration dashboard is in the cloud.

    The agents are installed for our servers and reporting is to the Blackberry cloud.

    What is most valuable?

    This is still new to us. We have explored this solution and it fulfills our requirements, in terms of live malware detection.

    We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting.

    What needs improvement?

    When it comes to the management of the application of agents, especially for us as an IT team the dashboard is much easier to manage in the McAfee solution.

    We were looking to have a multi-factor authentication with the administration dashboard to log in, because it's cloud-based. 

    There is no integration with Google Authenticator and other solution providers. 

    We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard.

    For how long have I used the solution?

    We have been using Blackberry Protect for just less than a year.

    We are two versions behind the latest one.

    What do I think about the stability of the solution?

    Definitely, Blackberry Protect is a stable product. We have not had any kind of blue screen of death or crosstabs.

    It's really lightweight in terms of resource consumption as well and in terms of memory and CPU consumption, it's quite low which is very good for us for other applications.

    What do I think about the scalability of the solution?

    It's a scalable solution.

    We have approximately 150 people in our organization who are using it.

    Which solution did I use previously and why did I switch?

    We are also using Microsoft Outlook to block any kind of unwanted applications, which our users try to run in the background.

    How was the initial setup?

    The initial setup is very straightforward. You just click on the MSI and provide the key to register for it to sync to the cloud dashboard.

    We have a team of seven IT resources who have an account under Blackberry administration.

    What's my experience with pricing, setup cost, and licensing?

    We pay our license on a yearly basis and have just renewed for two years.

    Which other solutions did I evaluate?

    We have not evaluated other options. For the time being, we are very satisfied with what we have.

    What other advice do I have?

    I would definitely recommend this solution to others who are interested in using it.

    There is always room for improvement. I would rate Blackberry Protect an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free CylancePROTECT Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Buyer's Guide
    Download our free CylancePROTECT Report and get advice and tips from experienced pros sharing their opinions.