Malicious code can have a devastating effect on organizations. This has been clearly demonstrated again and again in recent cases such as the ransomworm WannaCry, which in 2017 exploited the vulnerability known as EternalBlue and infected more than 200,000 computers in 150 countries. Another ransomware that had a strong impact last year, Petya, infected the Danish company A.P. Moller-Maersk, resulting in losses estimated between $250 million and $300 million.
In fact, these two examples do not even represent a worst-case scenario. It is reasonable to imagine a situation where a stealthy piece of malware spreads across any organization’s computers, allowing them to be controlled by a remote attacker and leading to scenarios such as information leakage or destruction, critical infrastructure outages or even the corporate infrastructure becoming part of a botnet that will serve to spread new attacks.
With the continuing emergence of new threats, it is necessary to adopt different tactics capable of dealing even with the unknown. This is exactly what CylancePROTECT proposes.
What Is CylancePROTECT?
CylancePROTECT is an advanced threat protection solution that, unlike traditional endpoint protection software, makes no use of malware signatures. Instead, it employs techniques such as machine learning and artificial intelligence, which allow the identification of malicious code based on its behavior. In theory, this ensures protection even against zero-day malware, that is, code that has never been seen before.
Cylance's key features include:
- True zero-day prevention
- AI-driven malware prevention
- Script management
- Device usage policy enforcement
- Memory exploitation detection and prevention
- Application control for fixed-function devices
Understanding How CylancePROTECT Works
Configuration and distribution: Cylance uses a centralized cloud console where you can define all the policies for the key features listed above. From here you can create custom installation packages, which greatly facilitates software distribution if you have a (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Claudio Dodt. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Askq5PVZy8U/