Cylance and Securonix partner to support the interoperability of CylancePROTECT with the new release of the Securonix Security Analytics Platform.
Customers of Cylance and Securonix will now have the tools to implement a prevention-first security strategy with CylancePROTECT and Securonix’s Security Analytics Platform to view, enrich, and contextualize real-time intelligence collected at the endpoint.
In tandem, the two products will provide security operations center (SOC) teams with a single-pane view of both cloud and endpoint security events in addition to the protection and prevention capabilities required to detect and defeat viruses, malware, ransomware, and other known and unknown threats.
Securonix Senior Vice President of Products Nitin Agale notes, “By integrating our Security Analytics Platform with CylancePROTECT, we not only prevent bad actors from infecting endpoint systems, but we also ensure that every attempt they make at moving laterally across the network can be promptly detected, traced, and terminated automatically before critical systems or data are compromised. In combination, CylancePROTECT and the Security Analytics Platform will enable SOC teams to minimize organizational risk while optimizing operational efficiency.”
Threats can be resolved and remediated automatically, minimizing not only time-to-detection but also the time between detection and quarantine. For example, if CylancePROTECT detects and blocks a malicious file at one endpoint, the Security Analytics Platform can respond by pushing out rules to every other endpoint on premises and in the cloud to quarantine that file and block its execution.
“Organizations need cybersecurity solutions that are proven to be effective at preventing both today’s and tomorrow’s advanced attacks while providing the actionable threat intelligence SOC teams need to proactively manage cyber risk across the enterprise,” said Didi Dayton, vice president of worldwide channels and alliances at Cylance.
“With CylancePROTECT guarding the endpoint and the Security Analytics Platform consolidating, assessing, and responding to security events in real time, organizations can be confident that their critical systems and data will remain secure, available, and infection-free.”
CylancePROTECT and the Security Analytics Platform provide a single-pane view of security event activity:
1. CylancePROTECT prevents adversaries from gaining a foothold at the endpoint by detecting and blocking the execution of both file-based and fileless attacks and by applying policies for device and script control, application control, and memory exploitation protection.
2. The Security Analytics Platform uses RESTful APIs to ingest the security event data collected by CylancePROTECT at the endpoint. This includes not only information about suspect files, applications, scripts, and processes, but also event metadata, file attributes, and more.
3. The Security Analytics Platform aggregates and correlates ingested data with user behavior analytics and network-based threat indicators and applies machine learning algorithms to detect advanced and insider threats and rank them based on risk scores. The Security Analytics Platform then generates alerts for threats that exceed a pre-defined risk threshold.
4. SOC personnel can visualize and interrogate the resulting threat chain data within the Securonix management dashboard, drilling down and pivoting from one threat indicator to the next to trace and track the infection.