Cylanceoptics enhances automated incident response

London, UK

Cylance Inc., a leading provider of AI-driven, prevention-first security solutions, has released its response playbooks for automated incident response as part of the company's endpoint detect and respond offering, Cylanceoptics.

Cylanceoptics customers around the world now benefit from the ability to set up consistent, multistep, automated responses or “playbooks” for immediate execution on an endpoint where a threat detection occurs. Playbook responses work from a set of AI-based rules that describe actions executed against input data and triggered by an event. Cylance playbooks include the effective replication of security analyst decision making with no cloud or human intervention required.

“A minor security event can turn into a widespread, uncontrolled security incident in a matter of milliseconds,” said Sasi Murthy, vice president of product marketing at Cylance. “By turning every endpoint into a miniature security operations centre, we provide organisations the ability to instantly detect and respond to threats locally without having to send data to the cloud, which saves valuable time and reduces the risk of a damaging—and very public—compromise.”

Cylanceoptics exposes field-tested artificial intelligence to detect and prevent advanced threats, enabling organisations to use automated analyses to disrupt attackers across their environments. It also builds the policies for device control and memory exploitation protection that prevent attacks from executing in the network. By creating automated playbooks within Cylanceoptics, organisations can be confident that appropriate and strategic responses will be taken, regardless of who is staffing the security environment.

One of the biggest challenges security teams face today is the widening global cyber security skills shortage, with some forecasts estimating shortfall of some two million positions in 2019. Response playbooks expand the capabilities of Cylance’s next-generation AI platform by enabling automated incident response, freeing up analysts for higher-value tasks without an increase in headcount or process complexity.


Product Suppliers
Back to top