CylancePROTECT

Version: CylancePROTECT

CylancePROTECT is an integrated threat prevention solution that combines the power of artificial intelligence (AI) to block malware infections with additional security controls that safeguard against script-based, fileless, memory-based, and external-device-based attacks.

Netsurion can generate flex reports and trigger alerts for user logon activity, configuration changes, device activity, exploitation attempts, and threat detection.

Netsurion Data Source Integration for CylancePROTECT allows you to monitor the following components:

  • Security – Threat detection, script execution, and exploitation attempts.
  • Operation – Configuration changes and device activities.
  • Compliance – User logon success.

Once CylancePROTECT is configured to deliver events to Netsurion Manager, alerts, dashboards, and reports can be configured in Netsurion.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

| Type | Name | Description |
|---|---|---|
| Security | Cylance - Threat detection | This category provides information related to threats detected on agent systems. |
| Security | Cylance - Exploitation attempt | This category provides information related to memory exploitations detected on agent systems. |
| Security | Cylance - Script execution | This category provides information related to scripts executed by users. |
| Compliance | Cylance - User logon succeeded | This alert will be generated when a successful user logon happens. |

Reports

| Type | Name | Description |
|---|---|---|
| Security | Cylance - Threat detection | This report gives the information about all the threats detected by CylancePROTECT. |
| Security | Cylance - Exploitation attempt | This report gives information about memory exploitations detected by CylancePROTECT. |
| Security | Cylance - Script execution | This report gives information about scripts executed by the users. |
| Operations | Cylance - Configuration changes | This report gives the information about device configuration changes done by users. |
| Operations | Cylance - Device activities | This report gives information about device activity in agent systems. |
| Compliance | Cylance - User logon | This report gives information about successful user logon. |

Documentation

The configuration details in this guide are consistent with Netsurion version 8.x and later and CylancePROTECT.

Download the Integration Guide for more information.