Cylance Review

Nice management display, easy to install, and works satisfactorily for standard protection


What is our primary use case?

We are part of a startup company that is operating in the same domain as this solution, so we tested it as part of the competition.

What is most valuable?

On the management side, we liked the way it displays things.

What needs improvement?

The downside is that the information displayed is not enriched enough. There was not much information available, that we could see. It should provide more details about the events that they have detected. There should be more information available post-incident. Basically, the user is informed that they have caught a threat, stopped it, and that's it.

Users want to know what the threat was, the type of attack, how it got in, which IP address, did it go into lateral movement, etc. The kind of information that could be analyzed by IT experts to take forward and understand whether the attack is continuing, or not. They have some of this information but compared to other products, it's basic.

For how long have I used the solution?

We tested this solution for about six months.

What do I think about the stability of the solution?

We did not thoroughly test its stability, but I can say that we didn't have any crashes or basic problems with it. In our tests, it did not crash, although we were focused on detecting threats as opposed to assessing stability.

What do I think about the scalability of the solution?

We installed this solution for five users.

How are customer service and technical support?

We did not contact technical support.

How was the initial setup?

The initial setup and installation of this solution are quite straightforward. Just download from the management console and install it. It's easy.

What about the implementation team?

We performed the installation ourselves.

Which other solutions did I evaluate?

We have evaluated many products. In fact, we tested most of them for our purposes of developing our own. Because we did a competitive analysis, we are keeping most of the information private. However, I can say that SentinelOne, CrowdStrike, and Carbon Black give you a lot more information than Cylance.

The majority of the leading solutions are quite good, and it's a tough market. For normal people, it is difficult to see the differences between them.

What other advice do I have?

The lack of details for the user is partly because of the way they detect. It is done passively, rather than dynamically, so they don't have a lot of information about the things that they already caught.

The suitability of this solution for any particular person will depend on their expectations. I would not rate this solution in the top five for things like presenting information or ease of use. For standard protection they are OK, but if you have advanced demands, or a SOC, then I don't think that Cylance can compete with Carbon Black, CrowdStrike, or SentinelOne.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Andrew S. Baker (ASB), Consultant

You make some good points, and I hope that we'll see Blackberry add to this area moving forward.

That said, there's quite a bit of info via CylanceOptics, and overall the system utilization is very low.