Cylance, a Blackberry company since the early 2019 acquisition, developed their flagship business antivirus and endpoint protection software in CylancePROTECT, featured in business and home editions boasting artificial intelligence guided protection. BlackBerry Protect is a post-acquisition evolution of CylanceProtect.
N/A
Palo Alto Networks Cortex XDR
Score 8.8 out of 10
N/A
Traps
replaces traditional antivirus with multi-method prevention, a proprietary
combination of malware and exploit prevention methods that protect
users and endpoints from known and unknown threats.
We looked at Dell's Cylance product and decided against it for two reasons. The first is that it cost a lot more than what we eventually paid for Traps. The second was because initial configuration was very involved and prone to generating user issues until fine-tuning was …
Traps and its integration with central management tools by Palo Alto and wildfire was a better fit for our environment. Others provided similar levels of protection but in some cases did not live up to expectations as traps did. Palo Alto also worked with us to better Traps, …
If I had to recommend an endpoint AV solution, [BlackBerry Protect (CylancePROTECT)] would be on the list...in fact at the top of the current list. It is a cost effective solution. When we did the bakeoff in our selection we built 3 generic W10 PCs. We located a Malware repository on the internet and downloaded a package of 100. The first solution stopped 80% from installing, the second stopped 100%, [BlackBerry (CylancePROTECT)] would not let the package download! Winner winner chicken dinner :)
Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.
Fast and Unobtrusive, users hardly notice that Cylance is running on their computer, except when it detects something malicious
User interface is simple for end users, and the management interface is streamlined and easy to get started with. The management interface has a quick tutorial that comes up upon first login that explains all the different aspects of how to configure CylanceProtect.
Customer support is fantastic - in that if you get stuck or need help understanding a feature/setting, they are quick to respond and help to ensure that your configuration is set as optimal as possible for your scenarios.
It would be great if there was a way for an administrator to make a file as safe from the end user device when a false positive has occurred (which is rare). At present and administrator has to log into the web console, create an exception and then wait 60-120 seconds for this to be effective on the end user device, still great, but this can be frustrating for users that are urgently trying to use the file.
Executive reporting could be better. Just a single page dashboard report that could be included in other monthly reporting.
Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.
I have only used CylancePROTECT support one time and they were very fast and responsive with the answers that solved my issue. That is the only reason I gave them a 7 as I have only had one interaction with them.
The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.
Cylance, I believe is the only one that uses the predict and prevent execution of advanced threats and malware at the endpoint. Cylance is by far a superior product.
Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.