Cylance extends automated detect-and-respond capabilities in the enterprise
Sasi Murthy of Cylance
Cylance Inc., the provider of AI-driven, prevention-first security solutions, announced the availability of application programming interfaces (APIs) as part of its endpoint detect and respond offering, CylanceOPTICS.
Thousands of CylancePROTECT and OPTICS customers around the world now benefit from automated, repeatable tasks and the improved ability to identify and respond to advanced threats without an increase in headcount or process complexity. Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep critical systems secure.
CylanceOPTICS exposes field-tested artificial intelligence to detect and prevent advanced threats, enabling organisations to use automated analyses to disrupt attackers across their environments. It also builds the policies for device control and memory exploitation protection that prevent attacks from executing in the network.
“Data captured at the endpoint is important to many teams across the enterprise,” said Sasi Murthy, vice president of product marketing at Cylance.” By making that data accessible in real time, we can absolutely improve threat visibility, but we can also improve an organisation’s ability to drive policy compliance, monitor device health, and maintain situational awareness across their vast and changing IT environments.”
The availability of powerful APIs increases the sophistication of CylanceOPTICS by creating automated workflows to generate helpdesk tickets, initiate data collection, quarantine files, or launch other tasks in real time. Organisations large and small benefit from increased flexibility in their security stack because of the interoperability with existing technology investments such as security orchestration, automation, response (SOAR) and security information and event management (SIEM) tools.
Users of the Cylance next-generation AI platform enjoy the ability to correlate endpoint data against known and prospective threats, which provides increased understanding of the attack surface. Security teams also benefit from the speed and accuracy of bringing new devices online and implementing changes across their ecosystems on the fly.
To learn more about CylanceAPI, click here.
Comment on this article below or via Twitter @IoTGN