CylanceOPTICS Reviews

The primary use would mainly be for intelligent intrusion detection and response. Our biggest customers are two pharmacies and a bank, so it would be applied in the financial and healthcare industries.  

The most valuable part of this solution is that it is advanced technology. Cylance is an engine, it is not a signature-based antivirus protection solution. It is based on the AI (Artificial Intelligence) and the ML (Machine Learning) models. Apart from the issue with the false positives — which is a known issue — the product could really not be more proactive in the way works.  

A signature-based protection solution goes out to a central server and picks up whatever the latest antivirus definition is that is out there and uses it as a blueprint to see if you have anything that is running that is included in the definition. This is a pre-defined list of malware processes and even if it is updated frequently, it is static.  

What Cylance does that is different than signature-based systems is that it is processor-powered monitoring. It remains on guard looking to see if there is something that is running that is out of the ordinary on your machine. It basically looks for anomalies. So if there is a behavior that raises a flag and that something is going on that should not be happening — it discovers an inconsistent behavior that does not look kosher — it will cancel the process. That is basically how it works.  

So, for example, if you can imagine if something malicious enters your system and it wants to read something from the registry. Maybe for you and me reading from the registry is fine, but for this other entity (or program or malware), Cylance detects the unusual behavior and makes a decision. In this case, it might decide this entity is not supposed to be reading the registry because it might want to change something inside of it. If it wants to change something, then it is a malware or some other type of intrusion. So Cylance stops the process as it is happening and blocks whatever is making the bad action. That is actively patrolling for malicious behavior.   

False positives could be improved. Cylance picks up a lot of them.  

If the people who are looking for this type of review are more into the business perspective and they are from an SME (Small and Medium Enterprise), then it is a fine solution. But let's say it is an SMB (Small to Medium-sized Businesses). In that case, Cylance might seem pretty pricey. A cost of $55 per user is a lot for anybody, and imagine you are a small business paying that amount for 70 users monthly.  

Whether the added security is worth it would probably depend on what type of data you are protecting.  

It is hard to say what additional features I would like to see included in the next release. I do not think about features so much in an antivirus solution as I do functionality. The thing is that when you try and combine too much in one product, you might sometimes end up affecting the product as a whole. If you are a home user, having a lot of features is great, because then you say to yourself once a year you pay a fee for protection to Norton or Avast or whatever consumer antivirus vendor. At that point, you are covered in a variety of ways with one payment and you do not have to think about multiple solutions. I think those consumer products naturally have to do more to attract their audience. You could be fine with that because it does everything for you. It does the firewall. It does the VPN. It does the antivirus. It does internet security. It does a whole list of things. But when you are in an organization like an SMB or SME, the management of all of those things is decentralized.  

So I would say, from my perspective, what Cylance can work on that would be the best effort would be to fix their alerting system so that the endpoint reporting is a bit more streamlined.  

A second thing to do is to do a little bit more advertisement because not many people in the world even know that these solutions are available. It really almost gives them a license to freely broadcast that they are one of the best solutions. They are depending too much currently on word of mouth.  

I have been working with Blackberry Cyclance for about a year now.  

The stability of Cylance seems perfect. Compared to what McAfee was doing, we have left some boundaries behind. The good thing is that we did not have any breaches, ever, while using McAfee, so knock on wood for that. But Cylance found flaws inside of our security procedures that we had left vulnerable and the discoveries enabled us to close those holes and improve the reliability of our procedures.  

So, with McAfee, we did not have as good of a solution as we thought. It is not a solution that is proactive. I think that is a fair enough criticism of the product.  

From what we were told, we are going to keep on adding more licenses for our clients. The only thing that we might have to do is increase the capacity for the virtual machines, but that is about all that has to be done to increase the usage and scale up.  

We were actually using McAfee first and now we switched to Cylance last year. Cylance is a more advanced technology and that is why we chose to go with it.  

We engage with professional services to do the setup and deployment. On our side, there is not really much need for our input or involvement at that stage. But from what I know it is pretty straightforward for the clients.  

As far as the deployment, they put it on a virtual machine. Considering that, the deployment only takes about an hour. We have about 70 machines in total on the product at the bank. In order to have everything installed and everything running, it took about two days.  

I am the consultant, so I am just an intermediary. The clients have their own IDE (Integrated Development Environment). I do not have to get involved with that part of the implementation.  

For the license, we just paid for the number of endpoints we have and that is about it. In the end, the cost is about the same amount as McAfee, so they are definitely competitive when it comes to pricing.  

On a monthly basis, the licensing cost is $55 per user.  

We had been using McAfee for some time before considering Cylance. McAfee's performance seemed good and the support and everything are fine for us here. I have never had issues with them.  

But we saw a product demo of Cylance and we thought it was an interesting product and concept. We also know that the G7 countries in the world were the ones that used Cylance the most. We knew that was the case even before Cylance was bought over here by Blackberry. So the company already had a good standing and reputation before they started presenting demos. What had happened with the WannaCry ransomware virus about two or three years ago affected a lot of organizations. The people that were on Cylance were the ones who were not affected. So that fact alone was enough for us to strongly consider switching solutions. We ended up making the decision to migrate.  

Advice that I would give to anyone considering switching to this solution is you should go for it if you have the money set aside to switch. But also I would spend additional for professional services to handle your migration.  

On a scale of one to ten where one is the worst and ten is the best, I would rate the product as eight-and-a-half. That is because of all that it does, the comparison between the other products, and the fact that it is a vigilant AI / ML tool that proactively guards your system.  

The most valuable feature is the sandboxing.

The detection component is something that they have to work on.

The monitoring management is in need of improvement.

The detection and response are a little bit slow.

We are currently evaluating Cylance with a few other products in search of a replacement for our existing solution. We have been using it for approximately one month.

We have not been in contact with technical support.

The initial setup was of average difficulty. It was not that complex, but not easy, either. It was okay. We deployed it within a matter of hours, although this is not a full deployment. It is only on selected endpoints for evaluation purposes.

We are currently evaluating Cisco and Palo Alto Traps, in parallel with Cylance.

In this domain, Cylance is the newcomer. Symantec and Palo Alto Traps have been in operation for quite some time.

It is a bit early in our evaluation process to give proper feedback, although so far, the overall feedback is good.

I would rate this solution an eight out of ten.

We are an IT company and this is one of the solutions that we implement for our customers. I am a pre-sales solution architect in charge of cybersecurity.

The primary use of Cylance is endpoint detection and response (EDR). This solution moves away from traditional EDR to more advanced endpoint protection.

The most valuable feature is the ability to respond to zero-day and unknown threats. This is what is most often talked about by our customers. They want to pay to protect their endpoints.

Our customers would like to see more automation with respect to how threats are handled once they have been detected.

More advanced machine learning capability would improve Cylance.

I have six months of experience with Cylance.

Our customers use this solution on a daily basis and we haven't heard any complaints about stability.

I have worked with solutions from several vendors. The most popular vendor for security among customers is Palo Alto, but that is for next-generation firewall solutions. The Palo Alto endpoint solution, Traps, is never talked about.

Symantec and Trend Micro have traditional endpoint protection solutions but we are focused on Cylance and recommend it. 

I have not received much feedback but Cylance seems to be able to meet our customers' requirements for the time being.

I would rate this solution a seven out of ten.

CylanceOPTICS is easy to use. 

The product's technical support is slow. 

I have been using the product for three years. 

CylanceOPTICS is easy to use. 

I rate the solution a nine out of ten. 

We use it to detect and quarantine malware before it executes in the environment.

The product's most valuable features are auto-containment and script control. It automatically blocks the threats, helping us investigate if they harm the environment. It can also lock down the machine for investigation purposes.

The product's initial setup process could be easy. 

We have been using CylanceOPTICS for four years. At present, we use the latest version.

I rate the product's stability a ten out of ten.

We have more than 20 CylanceOPTICS users in our organization and different subsidiaries. I rate its scalability a ten out of ten.

The technical support team works proactively. Whenever we need their assistance, they schedule a meeting on Teams.

We used Kaspersky before. We switched to CylanceOPTICS, which is AI-based and provides EDR features.

The initial setup process is complex regarding integrating with the log management system. It requires assistance from the support team. It involves configuring different policies, including Guard Zero, Guard One, Guard Two, and so on. The transitioning process takes around three months to complete. It can be deployed on GitTrust.

I recommend CylanceOPTICS to other companies and rate it a ten out of ten. It is a user-friendly product.