BlackBerry today launched CylanceGUARD, a managed detection and response (MDR) solution that leverages BlackBerry Cylance security experts and its native AI platform to provide continuous threat hunting and monitoring.
For an elite security organisation, threat hunting takes a proactive stance to threat detection; however, there are only a handful of organisations in industries such as financial services, high-tech manufacturing, and defense that can claim to have productive threat hunting teams that deliver results.
Many organisations without a mature security team are looking to external vendors to manage their threat hunting practice, allowing staff to focus on critical business initiatives. In its Worldwide Semiannual Security Spending Guide, IDC projects global spending on managed security services will reach more than $21 billion in 2019.
CylanceGUARD is a subscription-based offering that validates, triages, analyzes, prioritizes, and automates analyst and incident engagement. With alert automation, artificial intelligence and an advanced orchestration engine, CylanceGUARD simplifies complex technologies and workflows to dramatically reduce the time it takes to identify intrusions and act against attack proliferation.
“Alert fatigue is a real concern,” said Jason Bevis, Vice President of Threat Hunting, BlackBerry Cylance.
“With CylanceGUARD, organisations can benefit from a unified threat hunting, detection, and response approach, which enables in-house security teams to spend time on other organizational initiatives rather than recovering from breaches.”
It’s hard to detect the true signal of a threat when you’re drowning in a sea of extraneous alerts. CylanceGUARD automatically validates and triages alerts, collating forensic data and converting alert noise into threat intelligence.
CylanceGUARD can implement effective counter-measures quickly, limiting the impact of a breach and initiating playbook-driven automated responses ranging from taking infected systems offline to restoring known-safe system configurations.
CylanceGUARD orchestrates alert notifications and analyst interactions through defined escalation tiers with an online portal and both Android and iOS platform CylanceGUARD apps.
CylanceGUARD responds dynamically to changes in your environment with AI technologies that stop file-based and fileless attacks, assess indicators of compromise, and initiate responses that prevent security threats from becoming security incidents.
CylanceGUARD is staffed by a team of prevention experts and incident responders, who leverage the BlackBerry Cylance AI Platform to apply proven incident response methods, alert automation, and AI technology across customer endpoints, providing 24×7 threat hunting and monitoring.
BlackBerry Cylance customers can access a web portal for visibility into their security environments, as well as receive mobile warnings on iOS and Android devices, including delivered context to streamline investigations.