CylancePROTECT Review

The machine learning algorithm is able to protect systems against zero-day threats

How has it helped my organization?

My clients have not had to contend with time-consuming false positives, nor have they had to worry about zero-day attacks, even for systems which have been off the network for months.

What is most valuable?

The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations.

I am also quite impressed with its ability to protect systems against zero-day threats due to the machine learning algorithm, which powers its database. Databases, as old as 2015, are able to accurately detect 2017-era threats, such as WannaCry and other ransomware.

What needs improvement?

The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems.

For how long have I used the solution?

We have had this in production for four months across three clients.

What do I think about the stability of the solution?

We have had a few machines experience potential problems with the CylanceOPTICS supplementary agent, but we have not narrowed down the issue as of yet. That is a total of two machines across over 100 deployed.

What do I think about the scalability of the solution?

So far, no.

How are customer service and technical support?

Customer Service:

10 out of 10. Customer service has been very responsive (going through a managed provider).

Technical Support:

10 out of 10. Technical support has been stellar (going through a managed provider).

Which solution did I use previously and why did I switch?

Yes, I used and supported a previous solution, but changed, because of system performance impact, and management of the client-side activity databases. (The old solution had a slightly better GUI, but not enough to offset the other concerns.)

How was the initial setup?

The initial setup was very straightforward.

  1. Install agent on system, apply key, and device comes up in the portal.
  2. Automatically apply monitoring policy.
  3. Verify the baseline, and quarantine or whitelist all detected files.
  4. Apply active policy.

Also, the installation did not require a reboot.

What about the implementation team?

Implementation was conducted with support of the Managed Service Provider, who was top notch in their knowledge and support of the toolset.

What was our ROI?

We expect our ROI to be eight months, especially when taking into account the time spent with customers dealing with ransomware recovery over the past two years.

What's my experience with pricing, setup cost, and licensing?

The initial endpoint cost may seem a little high (~$55/device/year), but when you look at the total peace of mind that the solution of Cylance endpoint protection provides, with no reboots for updates, and negligible performance impact, it is well worth it.

Which other solutions did I evaluate?

We evaluated Webroot, Symantec, Sophos, and Barkly.

What other advice do I have?

We would encourage everyone evaluating endpoint protection solutions to run a 30-day pilot (minimum) in their own environments and with a representative set of devices. Be sure to test the management of the systems, including the policy management and whitelisting/exception management.

**Disclosure: My company has a business relationship with this vendor other than being a customer: We have been using it on our own network, and now we have signed on to be a reseller of this solution through a Managed Service Provider. We believe the solution is *that* good.
More CylancePROTECT reviews from users
...who compared it with Symantec Norton 360 [EOL]
Add a Comment