Skip Navigation
BlackBerry ThreatVector Blog

Don’t Be Fooled: Cloud-Native Security Shouldn’t Mean Cloud-Constrained Capabilities

Moving critical IT operations to the cloud is extremely attractive to organizations seeking to reduce costs while benefitting from the ability to rapidly scale-up and scale-down those capabilities as needed, but of course security also remains a key concern.

When considering security provider options, organizations should look for solutions that leverage the convenience of the cloud for management but are not constrained by cloud dependencies for efficacy.

Organizations should also seek a provider who can offer protection from emerging threats and has expert security consultants in-house to drastically reduce the organization’s overall attack surface, both on premises and in the cloud.

The Benefits of a Cloud-Native SaaS

Cloud infrastructure providers generally employ a Shared Security Model whereby the provider maintains the security of the cloud, but the responsibility for what is deployed within the cloud resides with the user.

BlackBerry® Cylance® satisfies this requirement with cloud security products that provide feature parity to our best-in-class security solution. We do this by leveraging artificial intelligence (AI) to prevent both known and unknown attacks coupled with a highly scalable threat detection and response (EDR) solution for root cause analysis and threat hunting.

The BlackBerry Cylance solution protects installations running either Amazon Linux and Windows operating systems and streamlines cloud security operations by utilizing a lightweight agent with a small footprint that does not require regular reconfiguration or signature updates. It also does not result in excessive resource consumption as many competing products do, allowing for significant cost-savings.

Our management console options are designed to meet the specific needs of each customer, and users can enjoy the flexibility of our cloud-based management to centrally control security policies with ease.

Some internal and regulatory mandates require in house management. For these accounts, BlackBerry Cylance also offers both on-premises and hybrid offerings suited to meet those needs.

CylanceON-PREM™ is a standalone version of the CylancePROTECT® security product designed for isolated or air-gapped networks. CylanceON-PREM includes the Cylance Management Console and predictive threat detection models and affords security admins the ability to manually update without compromising internal security mandates by connecting to the internet or cloud services.

For those companies with limited internet connectivity due to design or operational constraints, CylanceHYBRID™ facilitates security-related communication between the cloud and local infrastructure without exposing the local network to the internet.

BlackBerry Cylance also provides a highly scalable solution that offers a single management console for all Windows, Linux, and Mac deployments, giving security teams a single view from which to update policies, generate reports, and perform any EDR remediation functions.

A Predictive Advantage Without Cloud Constraints

BlackBerry Cylance leverages the cloud for data-intensive advanced statistical analysis in our AI model development, and that conviction model resides directly on the endpoint itself. This offers the benefit of a highly effective pre-execution model that protects the complete attack surface with automated threat prevention, detection, and response capabilities.

Our unique AI approach protects against both known and unknown malware, fileless attacks, and zero-day payload execution on any endpoint, whether online or offline, and in environments where communication with the device is infrequent.

Our platform is not dependent on connectivity for cloud-based lookups for conviction efficacy, which means the solution can also prevent attacks in systems that are air-gapped or isolated from connectivity, and conviction is immediate compared to cloud-constrained solutions that deliver latent, post-event detection and response.

Best of all, BlackBerry Cylance’s Predictive Advantage is third-party validated as capable of blocking emerging threats on average 25 months before they are first detected in the wild (source: SE Labs Report).

Some of the benefits to our customers from this Predictive Advantage are obvious - such as protection from zero-days, polymorphic and repacked/obscured malware. Other less obvious benefits include providing a long window of protection to allow for the proper testing and deployment of patches without fear that systems critical to business operations could be interrupted.

Bolstering Cloud Security with Premium Consulting Services

Secure network architecture is of great importance in protecting an organization’s systems, both cloud and physical. Simply put, an attacker cannot compromise systems that they cannot access. With proper security protocols in place, organizations can reduce their attack surface by preventing an attacker who may have gained an initial foothold to one area of the network from compromising other segments of the network, whether on premises or in the cloud.

BlackBerry Cylance Consulting provides Cloud Security Assessments that evaluate the current security state of the cloud and identifies gaps that could create vulnerabilities. BlackBerry Cylance will closely inspect an organization’s cloud architecture to determine if the rules in place are sufficiently strict, that proper segmentation is in place, and that proper configurations are in place to reduce an organization’s attack surface.

BlackBerry Cylance experts provide recommendations for remediating these vulnerabilities and a roadmap detailing opportunities to improve security across the entire organization.

BlackBerry Cylance Consulting can also provide gap analysis to assess the cloud environment against industry and vendor best practices, incorporating well-known security frameworks into the assessment process to round out vendor best practices with the organization’s enterprise security and privacy strategies.

Conclusion

Today’s threat landscape requires solutions that are proactive in preventing attacks and are not constrained by cloud dependencies to deliver only after-the-fact detection and response. BlackBerry Cylance is proven to offer protection from emerging threats and has the expertise to drastically reduce your organization’s overall attack surface, both on premises and in the cloud.

Eric Cornelius

About Eric Cornelius

Chief Technology Officer – BlackBerry