BlackBerry Cylance adds UEBA monitoring with CylancePERSONA

5,452

BlackBerry Cylance today introduced CylancePERSONA, an AI-driven proactive user and entity behaviour analytics (UEBA) add-on to their platform that adds  monitoring capabilities that identifies suspicious users in real time.

UEBA products started out as standalones aimed at larger enterprises, and some of the startups who made them have been acquired and their technology integrated into other people’s SIEMs.

CylancePERSONA adds user monitoring to the company’s expansive defense of the enterprise and augments the AI-driven prevention, detection, and response capabilities of the Cylance native AI platform. This lightweight solution combines continuous biometric behaviour and user conduct monitoring designed to identify suspicious users in real-time to prevent compromises.

“Every day, rogue insiders and external threat actors exploit valid user credentials to launch cyber attacks, so there is a clear need for organizations to ensure every user logged into their network can be trusted anytime and at all times,” said Eric Cornelius, Chief Product Officer at BlackBerry Cylance.

“CylancePERSONA addresses this challenge. With a combination of flexible initial authentication, user-centric biometrics, AI behavioral monitoring, and automated active responses, CylancePERSONA delivers a scalable, efficient, effective solution that can ensure trust of the user is continuous.”

Unlike other user monitoring solutions that rely on network traffic analysis or focus on detection without the ability to respond automatically, CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct.

BlackBerry Cylance adds UEBA monitoring with CylancePERSONA

CylancePERSONA monitors user activity and calculates a Cylance Trust Score; if the user trust score drops below a given threshold, step-up authentication action or suspension can be automatically initiated.

“Stealing valid credentials and impersonating users are two of the most successful vectors used by attackers,” said Rob Davis, Founder and Chief Executive Officer of Critical Start.

“CylancePERSONA is the first solution to provide organizations a technology that can detect and respond to the use of stolen credentials on the endpoint—both on and off the corporate network.”

Key features of CylancePERSONA include:

  • Behavioral biometric analysis: Continuous monitoring of user behavior with real-time detection of suspicious keyboard and mouse actions that could indicate an imposter.
  • User conduct monitoring and analysis: Real-time monitoring of user actions with instant identification of anomalous user activity to indicate a possible remote account takeover.
  • Contextual authentication analysis: Making use of previous user login activity such as location, time, or method to ensure current login attempts are valid.
  • Automated user-centric response: Ability to interrupt user activity automatically upon detection of anomalous or suspicious actions with responses such as user logoff, suspended processes, and step-up authentication.
  • Malicious and anomalous conduct detection: Ability to reduce false positives using baseline user activity.
  • Cloud-based APIs: Enablement of zero-trust integration to third-party products using the Cylance Trust Score.

CylancePERSONA will be sold as an upsell to customers who have already bought their software, since it uses the same agent.

To learn more about CylancePROTECT® and the full potential of AI to prevent future threats, you can speak to Cylance’s experts in the North Hall of the Moscone Center at booth #6145 from March 4th-7th, 2019.

Rapid Mobile uses cookies, tokens, and other third party scripts to recognise visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.

 

By continuing to use our site or clicking Agree, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalised ads and other purposes, as described more fully in our privacy policy.

 

You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.

 

Privacy Settings saved!
Cookie Services

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and enable essential services and functonality, including identify verification, service continuity and site security. Opt out is not availabe.

Essential Session management cookies for logged in users
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

For perfomance reasons we use Cloudflare as a CDN network. This saves a cookie "__cfduid" to apply security settings on a per-client basis. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.
  • __cfduid

Used by Spamshield to stop spam signups
  • _wpss_h_
  • _wpss_p_

Decline all Services
Accept all Services