Additional Info

Company: Cylance
Website: https://www.cylance.com/en-us/index.html
Company size (employees): 500 to 999
Type of solution: Software

Overview

Many endpoint detection and response products require significant investment in on-premises infrastructure, or force an organization to stream data continuously to a cloud environment for storage and analysis. CylanceOPTICS instead enables zero-latency threat detection and response by storing and analyzing data locally on the endpoint. This approach means organizations can adopt EDR capabilities without adding infrastructure costs, while also increasing incident response speed. OPTICS targets collection of only security-relevant artifacts. This dramatically reduces the data storage required to maintain situational awareness across environments.

CylanceOPTICS v2.3 introduced AI-Driven Incident Prevention powered by machine learning threat detection modules. OPTICS continuously analyzes changes occurring on each endpoint to uncover threats that would be difficult, if not impossible, for a human analyst to uncover in a reasonable amount of time. When a potential threat is identified, CylanceOPTICS can take decisive actions, in real time, to stop the attack and avoid the cost, risk and long-term impacts that come with a widespread security incident.

Remote forensic data collection was also introduced in OPTICS v2.3, allowing the user to interact with endpoints to retrieve advanced sets of forensic data and to execute scripts or applications that capture critical information related to any suspicious event or security incident.

The latest feature added to CylanceOPTICS lets organizations automate incident response so that it is carried out consistently, no matter the skill level of the security analyst or team. Response Playbooks add a mechanism that enables organizations to automatically execute response tasks (called packages in the product) on endpoints remotely when a rule (whether a static, machine learning or custom rule) is triggered.

Milliseconds Matter: especially in cybersecurity

CylanceOPTICS EDR:
1. Makes automated decisions locally at the endpoint immediately.
2. Eliminates the response latency that can cause a minor security event to grow into a widespread, uncontrolled security incident.

How we are different

● Hunt for Threats Across the Enterprise: Users can quickly search for files, executables, hash values and other indicators of compromise (IOCs) across the entirety of their network endpoints to uncover hidden threats.

● Endpoint Threat Detection: Suspicious behaviors and other indicators of potential compromise on endpoints will be uncovered automatically.

● Rapid, Automated Incident Response: Users can retrieve critical forensic information from impacted endpoints, as well as take aggressive containment actions when a harmful endpoint is discovered. Users can also create groups of responses and response execution parameters, known as Response Playbooks.