President at a security firm with 11-50 employees
Real User
Good last line of defence with capabilities to detect attacks but needs to reduce false positives
Pros and Cons
  • "In most cases, the solution's ability to detect in the MITRE framework, and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful."
  • "The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."

What is our primary use case?

The solution is primarily used as the last line of defense for the customer. In regards to network security technologies that focus on protecting the network, the endpoint, if something gets through, someone brings it in, the endpoint protection will actually, as our last line of defense, detect it, prevent it from executing, and in some cases, actually remediate the issue. This solution is the last line of defense within your organization for events such as a breach and it also protects users.

What is most valuable?

In most cases, the solution's ability to detect in the MITRE framework and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful.

What needs improvement?

The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening.

I can't speak to the solution lacking any features per se.

For how long have I used the solution?

In terms of reviewing the product, I've been dealing with it for about four or five years.

Buyer's Guide
CylancePROTECT
April 2024
Learn what your peers think about CylancePROTECT. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
769,236 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability isn't something that we measure. We're consultants and we just advise clients on if the solution is protecting them correctly or not. We don't look at stability issues.

What do I think about the scalability of the solution?

As consultants, we don't look at scaling. It's not an aspect of the solution I can comment on.

How was the initial setup?

We don't integrate or set the system up. I couldn't speak to how the deployment process happens, or how easy or hard it is. That's not an aspect of the solution we handle. We have nothing to do with implementing or managing the solution.

What about the implementation team?

We don't handle the implementation process at all or advise clients on it.

Which other solutions did I evaluate?

We deal with a variety of other solutions in the market. It depends on which ones our clients are working with. We evaluate their security based on what they have. Sometimes it's Cylance, however, that's not always the case.

What other advice do I have?

We're consultants. We don't have a direct relationship with Cylance. We are working with clients on security, and handle assurance-type work for them. We're not specifically working with Cylance, however, in some cases, we may be providing it from a security review standpoint. We'd look at the client and at the product and ask: Do they have it configured properly? Are they using it properly in their overall security strategy? et cetera.

We're not managing it, we're not integrating it or installing it or anything like that. We just look at it from a security review or assessment standpoint and tell the customer whether or not they have it properly implemented based upon what they're trying to accomplish.

Clients may use a hybrid or a cloud deployment model and may have it on various clouds, such as AWS or Azure.

In general, I would rate the solution at a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Co-Founder, CEO at a tech services company with 11-50 employees
Real User
Nice management display, easy to install, and works satisfactorily for standard protection
Pros and Cons
  • "On the management side, we liked the way it displays things."
  • "It should provide more details about the events that they have detected."

What is our primary use case?

We are part of a startup company that is operating in the same domain as this solution, so we tested it as part of the competition.

What is most valuable?

On the management side, we liked the way it displays things.

What needs improvement?

The downside is that the information displayed is not enriched enough. There was not much information available, that we could see. It should provide more details about the events that they have detected. There should be more information available post-incident. Basically, the user is informed that they have caught a threat, stopped it, and that's it.

Users want to know what the threat was, the type of attack, how it got in, which IP address, did it go into lateral movement, etc. The kind of information that could be analyzed by IT experts to take forward and understand whether the attack is continuing, or not. They have some of this information but compared to other products, it's basic.

For how long have I used the solution?

We tested this solution for about six months.

What do I think about the stability of the solution?

We did not thoroughly test its stability, but I can say that we didn't have any crashes or basic problems with it. In our tests, it did not crash, although we were focused on detecting threats as opposed to assessing stability.

What do I think about the scalability of the solution?

We installed this solution for five users.

How are customer service and technical support?

We did not contact technical support.

How was the initial setup?

The initial setup and installation of this solution are quite straightforward. Just download from the management console and install it. It's easy.

What about the implementation team?

We performed the installation ourselves.

Which other solutions did I evaluate?

We have evaluated many products. In fact, we tested most of them for our purposes of developing our own. Because we did a competitive analysis, we are keeping most of the information private. However, I can say that SentinelOne, CrowdStrike, and Carbon Black give you a lot more information than Cylance.

The majority of the leading solutions are quite good, and it's a tough market. For normal people, it is difficult to see the differences between them.

What other advice do I have?

The lack of details for the user is partly because of the way they detect. It is done passively, rather than dynamically, so they don't have a lot of information about the things that they already caught.

The suitability of this solution for any particular person will depend on their expectations. I would not rate this solution in the top five for things like presenting information, or ease of use. For standard protection they are ok, but if you have advanced demands, or a SOC, then I don't think that Cylance can compete with Carbon Black, CrowdStrike, or SentinelOne.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Andrew S. Baker (ASB) - PeerSpot reviewer
Cybersecurity & IT Operations Professional (VirtualCxO) at BrainWave Consulting Company, LLC
Consultant

You make some good points, and I hope that we'll see Blackberry add to this area moving forward.

That said, there's quite a bit of info via CylanceOptics, and overall the system utilization is very low.

IT Infrastructure Manager at a financial services firm with 51-200 employees
Real User
Good security, cloud-based administration, lightweight, and stable
Pros and Cons
  • "We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting."
  • "We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."

What is our primary use case?

We are currently using Blackberry Protect as our main endpoint solution, for threat prevention, script control, and scanning of malware. This is the core functionality of the Protect module.

We have the Blackberry Optics, which is the AI module of Blackberry Protect. It is called Blackberry Protect Plus Optics. The Optics feature logs all of the behavior of the servers. For example, when someone runs a PowerShell script and it blocks, it will learn the behavior and knows what to do the next time another user triggers that specific functionality.

It is currently deployed on-premises but our administration dashboard is in the cloud.

The agents are installed for our servers and reporting is to the Blackberry cloud.

What is most valuable?

This is still new to us. We have explored this solution and it fulfills our requirements, in terms of live malware detection.

We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting.

What needs improvement?

When it comes to the management of the application of agents, especially for us as an IT team, the dashboard is much easier to manage in the McAfee solution.

We were looking to have a multi-factor authentication with the administration dashboard to log in, because it's cloud-based. 

There is no integration with Google Authenticator and other solution providers. 

We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard.

For how long have I used the solution?

We have been using Blackberry Protect for just less than a year.

We are two versions behind the latest one.

What do I think about the stability of the solution?

Definitely, Blackberry Protect is a stable product. We have not had any kind of blue screen of death or crosstabs.

It's really lightweight in terms of resource consumption as well and in terms of memory and CPU consumption, it's quite low which is very good for us for other applications.

What do I think about the scalability of the solution?

It's a scalable solution.

We have approximately 150 people in our organization who are using it.

Which solution did I use previously and why did I switch?

We are also using Microsoft Outlook to block any kind of unwanted applications, which our users try to run in the background.

How was the initial setup?

The initial setup is very straightforward. You just click on the MSI and provide the key to register for it to sync to the cloud dashboard.

We have a team of seven IT resources who have an account under Blackberry administration.

What's my experience with pricing, setup cost, and licensing?

We pay our license on a yearly basis and have just renewed for two years.

Which other solutions did I evaluate?

We have not evaluated other options. For the time being, we are very satisfied with what we have.

What other advice do I have?

I would definitely recommend this solution to others who are interested in using it.

There is always room for improvement. I would rate Blackberry Protect an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Wirtschaftsprüfer, CPA, Steuerberater at a financial services firm with 11-50 employees
Real User
Doesn't consume too many system resources
Pros and Cons
  • "The solution is stable."
  • "The solution needs better dashboards that are easier to use."

What is our primary use case?

We use this product as our antivirus solution.

What is most valuable?

The most valuable feature is that it's quite small, and does not consume too many system resources.

What needs improvement?

Improvements could be made on the user interface of the console. Also, right now it's just an antivirus and there's no firewall or anything. So we have to use the Windows firewall. It's a good firewall. But I think other companies have integrated products.

The solution needs better dashboards that are easier to use. Also, a better user interface. Maybe even firewall integration of some kind. It would be helpful if you could see which threats have been detected, and have more information about what is going on.

What I'm missing is a backup. In Norton, there was a backup included. In Cylance there is no backup, or at least no backup for the relevant system, programs, or software parts.

For how long have I used the solution?

I've been using the solution for two months.

What do I think about the stability of the solution?

The solution is stable. It was no problem. All went quite well. There are no bugs or freezes.

What do I think about the scalability of the solution?

Adding other computers wasn't a problem. Just send them the link and it works. We have about ten users.

Which solution did I use previously and why did I switch?

Previously, we used Norton. We switched because Norton was very, very, heavy on consuming system resources. The computer itself was very, very slow and buggy. It took a lot of time for backup and things like that. 

What's my experience with pricing, setup cost, and licensing?

We would just add more if there are new users, but right now you just need one license per user.

What other advice do I have?

You just have to download it from the Cylance website, so it's pretty easy. You have to be careful because if you have more firewalls you have to buy a separate product and the question is: How does it work with the firewall from a different vendor?

There should also be backup capability included.

I do, however, recommend the solution. I would rate this solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Andrew S. Baker (ASB) - PeerSpot reviewer
Cybersecurity & IT Operations Professional (VirtualCxO) at BrainWave Consulting Company, LLC
Consultant

I prefer my host based Anti-Malware solution with no firewall. Most of the problems I have seen from other AV and similar products have involved the firewall. Different focus and expertise.

I do agree with the need for additional reporting, though.

PeerSpot user
Lead Systems Administrator at an energy/utilities company with 1,001-5,000 employees
Vendor
Does malware analysis. Blocks WannaCry and other attacks that have come out.
Pros and Cons
  • "Does malware analysis. Blocks WannaCry and other attacks that have come out."
  • "It needs real analysis of quarantined files. The EDR product isn't showing much right now."

What is most valuable?

Does malware analysis. Blocks WannaCry and other attacks that have come out.

How has it helped my organization?

It lifted the burden on the helpdesk from having to keep computers updated with definitions and thus reduced the labor hours spent monitoring AV on endpoints.

What needs improvement?

It needs real analysis of quarantined files. The EDR product isn't showing much right now.

For how long have I used the solution?

We have been using this solution for one year.

What was my experience with deployment of the solution?

Some DLLs and in-house apps were quarantined. Alerting mode is the way to deploy this software for at least three weeks.

What do I think about the stability of the solution?

I did not encounter any issues with stability.

What do I think about the scalability of the solution?

I did not encounter any issues with scalability.

How are customer service and technical support?

Customer Service:

I would rate customer service as excellent.

Technical Support:

I would rate technical support as excellent.

Which solution did I use previously and why did I switch?

The previous solution had too many things to monitor and required dedication to fix corrupt definitions. These required manual transfers and sometimes helpdesk time on the endpoint to fix the incumbent product.

What about the implementation team?

We implemented it in-house with the help of the sales engineer.

What was our ROI?

The ROI is immense, particularly in less dedicated labor hours. The ROI was much more in terms of security, particularly when new security flaws have recently appeared. By virtue of having this software product, the C-level suite feels more secure, because IT does not have to start taking downtime to patch servers in a hurry.

What's my experience with pricing, setup cost, and licensing?

Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice.

Which other solutions did I evaluate?

We evaluated Palo Alto Traps and Carbon Black.

What other advice do I have?

Review the performance of Cylance over the next year and ask for a 60-day trial, not just a 30-day trial. Monitoring the growth of this company is very important to determine if the product remains at the level that it is at today.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Vice President Product and Strategy at a tech company with 201-500 employees
Vendor
Scalable, with a straightforward setup and good virus protection
Pros and Cons
  • "A user can continue to add endpoints and the solution will continue to perform well."
  • "Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."

What is our primary use case?

I primarily use the solution for security purposes. I use it for endpoint protection and response. That's the only real use case for us.

What is most valuable?

The product works pretty well. It does a good job catching good viruses. While we haven't had a chance to test against any kind of ransomware attack, I know it works great and I'm not worried about its capabilities in that respect.

The initial setup was straightforward. 

The solution has proven itself to be very stable and unobtrusive.

A user can continue to add endpoints and the solution will continue to perform well.  

Technical support is helpful and responsive. 

What needs improvement?

Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal. 

For how long have I used the solution?

I've used the solution for only a few months at this point. It hasn't been too long. It's still rather new to me. 

What do I think about the stability of the solution?

The solution's stability is good. Most importantly, it is unintrusive. Even when it really goes through a lot of resources, it remains pretty stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

The scalability is very good. I can add additional endpoints and the solution continues to perform well. If a company needs to expand, it should be able to do so with no problem. 

We have thousands of departments. We are quite a sizeable business. 

How are customer service and technical support?

My understanding is that technical support is quite good. I don't deal with them directly, however, I have heard that they are helpful and responsive. I would say that we are satisfied with the level of support we receive.

Which solution did I use previously and why did I switch?

I've used both Cylance and SentinelOne. I have more experience with SentinelOne.

However, they are very similar in terms of their offering. Both offer good performance and are AI-driven with good machine learning capabilities. Neither has an impact on an endpoint's performance levels. They offer good protection as well. The biggest difference is that SentinelOne has a rollback feature, which is something Cylance should consider adding.

How was the initial setup?

The initial setup is not complex. It's very straightforward and very easy to deploy. A company would not have any issues with the process. 

What's my experience with pricing, setup cost, and licensing?

I don't have any information in relation to the pricing or the licensing. It's not an aspect of the solution I deal with.

However, I can say that it's my understanding that it is 20% less expensive than SentinelOne.

What other advice do I have?

We are Cylance partners.

I'm not sure which version of the solution we're using. It's likely the most up-to-date version. They update them quite often.

I'd advise companies considering the solution to take some time to do a proof of concept to see how it would react in their environment and then decide if it is the right solution for them.

I would rate the solution at an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
C.J. Oosthuizen - PeerSpot reviewer
Head of Cloud Services and Projects at Grove
Reseller
Top 10
Solution has picked up files that other platforms don't plus it uses machine learning and AI protection
Pros and Cons
  • "The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."
  • "I would say one thing that they might need to bring in is protection for mobile devices."

What is our primary use case?

We did a POC with Cylance, Bitdefender and ESET. Cylance picked up Zero-Day Malware that the other two solutions did not quarantine.

How has it helped my organization?

With no on-premise hardware required, we easily deployed the Cylance solutions to our end-points. The Cylance Admin console is web-based and it's easy to create custom policies, add zones and manage all our end-points all in the same admin portal.

What is most valuable?

The protection, specifically for endpoint protection, has been the most valuable. With Cylance AI and Machine Learning, it's ensuring that, with all types of malware, PUP (Potentially Unwanted Programs) and Memory Protection, your endpoint devices are fully protected, even with day zero threats. Cylance also has the Optics add-on for advanced scanning and reporting, but most of the clients are more interested in the protection as this is all you need for your endpoint security.

What needs improvement?

To be honest, I think the product is, overall, quite good. It's working with AI Technology and machine learning that is connected to the Cylance Infinity Cloud. It picked up malicious files that other vendors didn't. It's actually been great on its own. Cylance is also launching mobile protection in 2020. At the moment the Cylance agent supports Windows, Mac OS and Linux devices, but they do not have an app for Android and iOS yet.

For how long have I used the solution?

I've been using the solution for 2-3 months.

What do I think about the stability of the solution?

The solution is really stable. We use the solution for small and medium-sized enterprises.

What do I think about the scalability of the solution?

The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality, and cloud functionality as well. 

How are customer service and technical support?

The technical support is really great. We are working hand in hand with them.

How was the initial setup?

The initial setup is easy. You have the option to install the endpoint client on all Windows devices, Mac OS and supported Linux OS. For Windows devices, you can download the exe file, or the MSI file for installation via Group policies to roll out on multiple endpoints at the same time.

What other advice do I have?

You can obviously get in touch with a partner (Grove Group) like us, and we can arrange a POC for your business. While we're dealing with the POC, it will showcase the product and how valuable the product is for your business. Plus, it will actually show what defective files it's picking up in real-time. You can do a side-by-side comparison while you're running Cylance with your existing endpoint protection to see the difference in protection. You can see exactly what Cylance does pick up on both the endpoint device and the admin console. I also love the fact that the endpoint software is not using a lot of resources on the client. I would say you should take the opportunity and run a POC and evaluate the software and you'll notice with the web interface, the admin dashboard on the website, how easy it is to work with Cylance and protect your endpoints. You don't need any on-prem servers to run the endpoint software. Go and experience Cylance and see how AI and Machine Learning is the future to protect your Business.

I would rate the solution as a 10 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
VP at a tech services company with 11-50 employees
Reseller
Lightweight, good support, and the protection against Word macros and scripts is helpful
Pros and Cons
  • "The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."
  • "The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."

What is our primary use case?

We are resellers and CylancePROTECT is one of the products that we offer to our customers.

The standard configuration is an agent that is deployed to every workstation. It protects against malware, scripting, and other threats using its built-in AI business logic.

What is most valuable?

The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background.

The dashboard is good.

There is not too much overhead, which is good because you don't want unnecessary things that just build in bulk. 

What needs improvement?

The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward. Some enhancements to this process would be an improvement.

For how long have I used the solution?

I have been working with CylancePROTECT for about three years.

What do I think about the stability of the solution?

The stability is very good.

What do I think about the scalability of the solution?

This is a scalable product. About 600 people in our organization use it.

How are customer service and technical support?

I have not personally been in contact with technical support. However, we do have a support ticket, the odd time, and I would say that the support is good.

How was the initial setup?

The initial setup is very easy.

The management platform is in the cloud and there is an agent on each device.

What about the implementation team?

We have an in-house team that deploys this product for our customers.

What's my experience with pricing, setup cost, and licensing?

The cost of the license is approximately $5 USD monthly per user.

What other advice do I have?

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Download our free CylancePROTECT Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2024