BlackBerry Cylance Cybersecurity Reviews

The best use case is that it actually lifts off a lot of burden on customers, especially when they are deploying Cylance compared to other solutions. 

One of the best features of the solution is that it's easy to deploy. Second is the management part and the protection. It's way ahead of the other solutions compared to the signature-based one.

The base platform, the CylancePROTECT is a very good technology. If you upgraded that into a CylanceOPTICS, that will also help, however, CylancePROTECT itself can do a lot of protection.

There's a feature that they added called PERSONA. This is AI-based user behavior monitoring which is very useful.

It's straightforward to deploy.

If they can add more features on top of their Persona feature that would be ideal. It could also improve the UEBA feature of Cylance.

I've been working with the solution for around five years. I started using it around 2016.

As a cloud-based management platform, it's very stable. The version of the agent is very minimal in terms of updates. In terms of support, they have very broad support on several operating systems. The stability is quite high for this kind of solution.

It's a cloud-based management platform. It's very scalable. It's easy to ramp up the number of devices that you want to be managed by this kind of solution. It's highly scalable.

Our clients have actually upgraded and ramped up the number of licenses from the first time I deployed and introduced them to the solution. Most of our customers have expanded usage via the number of licenses they have.

I've used technical support in the past. The technical support, the SLA, if they can improve that aspect of the product it'll be much appreciated.

Neutral

I've also worked with CylancePERSONA over the past year or so. 

The initial setup is very straightforward. It's not overly complex. 

The management and maintenance is also very easy. 

What I've heard from my customers is that Cylance, in terms of pricing, is a bit higher compared to other prominent solutions like Kaspersky and Symantec, however, that's about it in terms of what I know about the product pricing.

I'm working in a distributor company and we are actually selling CylancePROTECT.

The primary platform is a cloud-based solution. It is managed in the cloud. The one on-premise is called the hybrid platform where you can also do management locally on your site.

The best way to see the solution is to try it out. Try it first before worrying about pricing and see if it will meet your needs and how it works for your business.

I'd rate the solution eight out of ten. They simply need to improve the SLA, the response, and the Persona feature. If they do, I would rate it higher. 

CylancePROTECT's dashboard could be more user-friendly.

I've been using CylancePROTECT for three years.

CylancePROTECT is very stable - we've had no issues with performance and no errors or bugs.

CylancePROTECT is scalable.

CylancePROTECT's technical support is non-existent.

The initial setup was easy.

CylancePROTECT's pricing is reasonable, at about €18 per user, per year.

I would rate CylancePROTECT as nine out of ten.

We use this solution for endpoint protection for our external devices and laptops.

The deployment of updates is easy.

Not having OPTICS doesn't allow us to do any history. We don't have OPTICS, but FortiEDR comes with things like OPTICS, which is nice because we are not able to see more. 

OPTICS gives you things that FortiEDR has built in. For Cylance, there is an add-on to do the things that come with that solution.

It would be nice if Cylance didn't separate PROTECT and OPTICS and put them together and made them on the same price point as FortiEDR, and some other ones rather than having to pay extra for something that the others already have built-in, and seen to do better.

It often lets you waive something for the firm or for the whole company and then comes back and blocks the same thing because you have to do the certificate instead of the hash. You are finding yourself having to approve for the same program, the same application, the same file more than once and it's frustrating.

While the deployment of updates is easy, it would be good to have some more information about which version to use, because the versions that are available seem to be outdated. 

When you go to the admin section, you will see that you will have the latest update from months ago and a month before that, and a month before that. 

I have a hard time believing that there are no more updates in between when there are things that are out all the time. It just doesn't make you feel like you're getting covered or have the best protection, which you should have. 

I have been using this solution for two years.

We are using one of the newer versions. I don't always install the updates.

The stability varies. It's not consistent and it's frustrating.

Things that are blocked, you waive and it comes back. It's very frustrating. It doesn't keep up with the machines. 

You have a lot of machines and if you reimage a lot you will see many duplicates that you have to export and remove from figuring out which one's the MAC address. It should have an easy way to know that a machine is re-imaged, and not adding to your list of devices.

You end up having all these devices that are no longer being scanned that you have to figure out what they are. It is frustrating.

We have approximately 200 users in our organization. It's for everyone in our accounting firm, who are accountants, auditors, IT, and HR accounting.

We don't have plans to continue using this solution, we are considering other options.

We don't go through technical support directly. We go through a reseller and they take care of it. We have never directly talked to BlackBerry or Cylance about any issues that we have had.

Previously, we had McAfee ePO. We changed to CylaneProtect, a solution that we felt would be a better fit, and that was not managed in-house, on a local server that we used for that. It was time to move on from that.

The initial setup was fine. It's doesn't take a long time to deploy.

Uninstalling is difficult. Sometimes it doesn't remove easily, and that is frustrating. 

It would be nice if it had an uninstalled feature within the dashboard, in the SAS part of the application online, because it would do everything itself. Unless it is something that I have missed or that I didn't see. 

With FortiEDR you can go in, and you can uninstall from the dash, find the endpoint you right-click, or you click a button, then you choose to uninstall and it pulls it from the machine. You don't have to put in any keys, or anything. It does it from there. I don't believe that Cylance does that, but it would be nice if it did.

We have a team of two, myself and my colleague maintain this solution.

The deployment and implementation were completed in-house.

I would advise that they keep in mind what it doesn't do and be open to looking at things that include more and cost less.

I would rate CylanceProtect a four out of ten.

I primarily use the solution for security purposes. I use it for endpoint protection and response. That's the only real use case for us.

The product works pretty well. It does a good job catching good viruses. While we haven't had a chance to test against any kind of ransomware attack, I know it works great and I'm not worried about its capabilities in that respect.

The initial setup was straightforward. 

The solution has proven itself to be very stable and unobtrusive.

A user can continue to add endpoints and the solution will continue to perform well.  

Technical support is helpful and responsive. 

Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal. 

I've used the solution for only a few months at this point. It hasn't been too long. It's still rather new to me. 

The solution's stability is good. Most importantly, it is unintrusive. Even when it really goes through a lot of resources, it remains pretty stable. There are no bugs or glitches. It doesn't crash or freeze. it's reliable.

The scalability is very good. I can add additional endpoints and the solution continues to perform well. If a company needs to expand, it should be able to do so with no problem. 

We have thousands of departments. We are quite a sizeable business. 

My understanding is that technical support is quite good. I don't deal with them directly, however, I have heard that they are helpful and responsive. I would say that we are satisfied with the level of support we receive.

I've used both Cylance and SentinelOne. I have more experience with SentinelOne.

However, they are very similar in terms of their offering. both offer good performance and are AI-driven with good machine learning capabilities. Neither has an impact on an endpoint's performance levels. They offer good protection as well. The biggest difference is that SentinelOne has a rollback feature, which is something Cylance should consider adding. 

The initial setup is not complex. It's very straightforward and very easy to deploy. A company would not have any issues with the process. 

I don't have any information in relation to the pricing or the licensing. it's not an aspect of the solution I deal with. 

However, I can say that it's my understanding that it is 20% less expensive than SentinelOne.

We are Cylance partners.

I'm not sure which version of the solution we're using. It's likely the most up-to-date version. They update them quite often.

I'd advise companies considering the solution to take some time to do a proof of concept to see how it would react in their environment and then decide if it is the right solution for them.

I would rate the solution at an eight out of ten.

We put the product on all of our desktops and servers.

The solution has broken down the organization by taking down the network about six times in two years.

The most functional item that we use is the process to turn off the false flags that it causes.

They could improve on the false positives, reporting and whitelisting features.

For future releases, it would be helpful to have an easy uninstall button. The reason being, unless you connect the system to the internet, which you may not want to do, Cylance cannot be uninstalled easily. They claim it's practically impossible. If you have access to the online admin panel, it's very easy to uninstall Cylance. There is no easy way to uninstall locally. I have read online there is a convoluted way with a series of reboots and safety reboots that you could possibly do it locally.

I have been using it for about two years.

It is not stable. The solution has caused six crashes over two years, with one of them requiring us to rebuild all of our Windows 10 devices.

Scalability is pretty good. We have around 100 users using the solution. However, when we rebuild new desktops, we're not installing it on them.

We have used Symantec before and a MSSP came in with a package to help us get more secure, but it really was a failure.

The biggest issue we have with the product is it gives false positives.

Beware and work out a process to restore items that were deleted by false flags.

Work out a process to investigate any odd behaviour or troubleshooting tickets with open source software being even a small sub-component.

For the majority of installs, the Cylance is going to break because of the small sub-component that's open-source that is out of date. Always no matter what problem is happening, double-check to see if there were any flags in Cylance because it's probably going to be Cylance blocking something along the line. It will drive you nuts to work with your third-party technical support to track down an issue to then find out it was Cylance blocking one small facet of it.

Work out all those details with your Cylance team first, this way, whenever you have an issue, you can identify that Cylance is involved because it's involved in everything.

An example of an issue we were having was while we were trying to install a check scanner the install did not work. Cylance was blocking an old open source piece of software that comes from Kodak that you can't update because Kodak says it is the latest version of our installer for the check scanner. The installer for the check scanner includes the open-source piece of software from Kodak that's out of date. This causes the entire check scanner not to work, Cylance blocks the main installation because of the sub-installation of the open-source software.

Make sure your ducks are in a row so that you can detect when Cylance is causing an issue, report it and get it whitelisted. If you do not, you're going to spend an inordinate amount of time figuring out whether or not Cylance did something to block you, whitelisting and then more time justifying why you need it whitelisted.

I'm sure we were much more protected with it on, but the problem is if you're protecting me from my network being taken down, by taking my network down, you are not protecting it. For this reason, I rate CylancePROTECT a five out of ten.  

We primarily use the solution to protect us against ransomware.

The solution is very quick at easily changing the levels of protection for each computer and the server. It's very easy to control and to see what is happening with each computer. It's very easy to choose, which computer I can look at and check. 

It would be very important to have any kind of utility in the computer for Cylance to install monitoring into it in a simpler way. A computer should be able to self-scan on command. It is not easy to do that just yet. 

The company that sells us the licenses sometimes doesn't know how to do certain things. They should be offered more training or something, or maybe we could cover out channels ourselves and could have the knowledge of how to do everything ourselves without a third party needing to be involved.

I started using the solution for seven months or so.

The stability is quite good. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable.

The solution is very scalable. There aren't any issues with expanding the product.

At this time, we have about 18 people on the solution.

We haven't needed to reach out to technical support just yet. Therefore, I can't speak to their level of knowledge or responsiveness.

We previously used McAfee. We were worried the solution wouldn't be able to effectively protect us, so we looked for other options.

The initial setup was a little bit complex. We had to take some time learning the machines and how to protect ourselves. That part of the implementation took a good amount of time.

We had a few problems setting everything up, and with those issues, it took us maybe two months to deploy the product in total.

We currently have one person that handles the maintenance of the solution for us. He's an engineer.

We did have one outside person that assisted us with the setup.

We have a couple of issues surrounding licensing. The person who assisted us had a couple of problems trying to integrate another set of licenses that we had before.

I don't know exactly which version we're using. A person in charge of that in our office was the person who looked for the product. I just read some things about it and I found that it was a very good product. 

We have been trained to learn how to use the product and now we have a very good experience with it. The problem is, for me, sometimes it creeps into the computers and into the servers that we want to get running. Sometimes it has problems. That said, it's a very good product. We are okay with how it works.

I would recommend Cylance. I think it's very good and very stable. The only thing to keep in mind is you to have a very good channel and someone who really knows how to use the console and everything

Overall, I would rate the solution at a nine out of ten.

I direct our design and engineering teams, and we craft solutions for on-premises or autonomous networks in the industrial industry, such as oil and gas, water, and manufacturing.

We use this solution as a layered defense for the defense strategy for our on-premises clients. An attractive thing about this solution is that it uses AI official algorithms to not only discover known stuff but also to discover anomalous behavior and things that are out of the ordinary. It is not just signature-based; it is an algorithm or AI and machine learning.

From an administrative overhead point of view, there is a 75% reduction in administrating the solution.

The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate.

In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it.

It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus.

I have been using this solution for about a year and a half.

It has been rock solid. We haven't had any hiccups in terms of compatibilities and server uptime. Everything, such as application and reliability, is there. It is very strong.

It scales extremely well. We're on the low end of the quantity, but it scales up into tens of thousands very easily.

We have the ability to go right into critical because of our partnership level with them. Their support has been exemplary.

The initial setup is pretty straightforward. Our guys are trained up in it. 

They like to see licensing at a higher level. That's not the norm for on-premises economist environments in the industrial industry. If you're an integrator versus an end user, they like to look at the quantity. Even though they like to start at quantities less than a thousand, it is cumulative. I've got a thousand clients at a hundred, so now I've got a 100,000. Therefore, don't let the scalability, where they like to play in tens of thousands, dissuade you from incorporating this product.

It is quite different from the standard signature-based approach to endpoint protection. At first, you're a little worried because you're so used to staying on top of it or having to stay on top of it versus building a level of trust that it is actually working, and I don't need to mother it.

I would rate CylancePROTECT a nine out of ten. I'll never give anybody a ten because that's a perfect world, and we don't live in a perfect world. This rating is based on my experience with Cylance from the onset, learning the product, working with it to roll it out, working independently, and interfacing with the client. It has been very outstanding.

We are currently using CylancePROTECT and CyclanceOPTICS.

Our primary use case is an anti-virus solution.

It is deployed globally throughout the organization.

Cylance is quite lightweight and does not require constant updates.

The Application Guard and ByteGuard are useful features.

The OPTICS component could be made more user-friendly with respect to giving people more information.

There are some issues that we have around our configuration, so I think that more training with respect to setup and configuration would be helpful.

I have been using Cylance for the past year and it has been in the organization for a couple of years.

This solution is very stable.

Cylance scales very well both on clients and servers. We have between 4,000 and 5,000 users.

I have not personally been in touch with technical support, but I know that when we have contacted them about anything in the past, they've been very responsive. Our account management team is very good, as well.

The company did use another solution prior to Cylance, but I don't know what it was.

The initial setup is very straightforward and the deployment took a few days.

We got a hold of the installation files and deployed them ourselves.

I think that the price we are paying is good for what it is. It could always be cheaper, but cheaper doesn't make it better.

Cylance is a product that I recommend trying. It is different from the traditional products that are out there like Symantec, McAfee, and Sophos.

This technology is very good, very stable, and we have great trust in it and what it delivers. They also do health checks from time to time and they help, which is useful.

This solution works well but there is always room for improvement. Nothing is perfect.

I would rate this solution an eight out of ten.