It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus.

Not having OPTICS doesn't allow us to do any history. We don't have OPTICS, but FortiEDR comes with things like OPTICS, which is nice because we are not able to see more. 

OPTICS gives you things that FortiEDR has built in. For Cylance, there is an add-on to do the things that come with that solution.

It would be nice if Cylance didn't separate PROTECT and OPTICS and put them together and made them on the same price point as FortiEDR, and some other ones rather than having to pay extra for something that the others already have built-in, and seen to do better.

It often lets you waive something for the firm or for the whole company and then comes back and blocks the same thing because you have to do the certificate instead of the hash. You are finding yourself having to approve for the same program, the same application, the same file more than once and it's frustrating.

While the deployment of updates is easy, it would be good to have some more information about which version to use, because the versions that are available seem to be outdated. 

When you go to the admin section, you will see that you will have the latest update from months ago and a month before that, and a month before that. 

I have a hard time believing that there are no more updates in between when there are things that are out all the time. It just doesn't make you feel like you're getting covered or have the best protection, which you should have. 

They could improve on the false positives, reporting and whitelisting features.

For future releases, it would be helpful to have an easy uninstall button. The reason being, unless you connect the system to the internet, which you may not want to do, Cylance cannot be uninstalled easily. They claim it's practically impossible. If you have access to the online admin panel, it's very easy to uninstall Cylance. There is no easy way to uninstall locally. I have read online there is a convoluted way with a series of reboots and safety reboots that you could possibly do it locally.

I would like to see a little bit of additional reporting or insight as to what it is doing exactly. I do not think I need anything else included in the next release that I know of. Honestly, just improvement in the reporting would be good enough.  

It would be very important to have any kind of utility in the computer for Cylance to install monitoring into it in a simpler way. A computer should be able to self-scan on command. It is not easy to do that just yet. 

The company that sells us the licenses sometimes doesn't know how to do certain things. They should be offered more training or something, or maybe we could cover out channels ourselves and could have the knowledge of how to do everything ourselves without a third party needing to be involved.

Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal. 

The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening.

I can't speak to the solution lacking any features per se.

If they can add more features on top of their Persona feature that would be ideal. It could also improve the UEBA feature of Cylance.

When it comes to the management of the application of agents, especially for us as an IT team the dashboard is much easier to manage in the McAfee solution.

We were looking to have a multi-factor authentication with the administration dashboard to log in, because it's cloud-based. 

There is no integration with Google Authenticator and other solution providers. 

We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard.

I find the price for Blackberry Protect expensive, so that's an area for improvement.

The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward. Some enhancements to this process would be an improvement.

I have already suggested features that need to be improved and Blackberry is already working on those improvements. For example, the interface and the Cylance Optics need to be improved a fair bit.

It's a good solution but some features just need to be updated.

I'd like them to do software distribution too, but they said that that's architecturally not at the product line. I'd like to see where they can push to avoid using another product to push the agents.

The implementation was complicated requiring some things that felt unsafe. After that, it was easy

CylancePROTECT's dashboard could be more user-friendly.