Keeping Cybersecurity Real: 3 Things to Look for in an MDR

In a world of deepfakes, spoofed websites and spear phishing, it’s refreshing to find something real. Especially when it’s a service that can rapidly increase the cybersecurity posture of your organization while at the same time reducing team member burnout.

CylanceMDR™ — the managed detection and response service from BlackBerry — is built on real and mature AI, provides truly proactive threat hunting, and augments your security team with certified experts in threat detection, incident response and forensics. In short, the positive outcomes of CylanceMDR are real. 

Real Performance, Positive Cybersecurity Outcomes

Pioneering AI at the Core

At the heart of CylanceMDR is Cylance® AI, the longest-running predictive AI platform in cybersecurity. 

• This continuously improving AI consistently outperforms other leading AIs in independent third-party testing: See the results for yourself. 
• Cylance AI is informed with proprietary intelligence. It analyzes telemetry for attack signals, prioritizes and presents structured cases for faster human-led investigation and response and even proactively stops attacks before damage can occur. Learn more in Predictive AI: What Works and How To Understand It.

Cybersecurity Outcomes from Real Cylance AI: reduces false positives; blocks almost every attack pre-execution; lowers the risk of a cyber-incident and its damages and/or disruptions to your environment.

Truly Proactive Threat Hunting

One of the primary advantages of CylanceMDR is its unparalleled threat hunting capabilities. Built on an open XDR architecture with out-of-the-box sensor integrations, the platform pulls telemetry from all your attack surfaces including endpoint, network, cloud, SaaS, identity and email.

This comprehensive view of the security landscape, combined with automated and human threat hunting, ensures rapid identification and mitigation of threats. Real threat hunting goes beyond just scanning for Indicators of Compromise or Attack (IOC/IOA).

• Cylance threat research labs constantly monitor global threat actors for the evolving methods and strategies being used to execute cyberattacks. Highlights of this intelligence are published quarterly as publicly available threat reports, while deep proprietary insights drive platform-level analysis and inform human-led investigation with a purview that is unique to CylanceMDR.  
• Off-the-shelf threat feed ingestion is supported as well so organizations can continue to leverage any additional sources of intelligence already in place.  
• The culmination of these intelligence insights, both proprietary and open, leads to a more robust and agile cybersecurity posture for CylanceMDR clients.
• The threat hunting capabilities of CylanceMDR uses both structured and unstructured methods, combining automated IOC/IOA detection with human-led, hypothesis-driven approaches tailored to the organization. The analysis of 30 days of historical data, as opposed to the industry standard of 7 days, further ensures that virtually no threats are missed.

Positive Cybersecurity Outcomes from Proactive Threat Hunting: Better threat intelligence means more effective risk mitigation as well as the ability to learn from attackers and look back to identify breaches even after they have happened. 

Expert Incident Response and Digital Forensics

CylanceMDR offers an extensive incident response service that far surpasses simple endpoint isolation.

• CylanceMDR incorporates automated, guided, and active response models. 
• The Digital Forensics and Incident Response (DFIR) team oversees all facets, from threat containment and eradication to system recovery and digital evidence analysis.
• With an impressive MTTR (mean time to remediation) of under 19 minutes, CylanceMDR utilizes efficient planning, streamlined processes, and automation to facilitate rapid and effective responses.

Positive Cybersecurity Outcomes from True Experts in Incident Response and Forensics: Whether you are under attack or recovering from a breach, CylanceMDR digital forensics and incident response allows you to tackle sophisticated threats by rapidly containing and eradicating threats and ultimately recovering the impacted systems. Our in-house team can respond quickly and help with post-incident reporting and analysis to fully understand an attack, its motives, and how to improve future defenses.

Conclusion

The effectiveness of an MDR service depends heavily on the tools deployed and, more importantly, on the level of expertise of the people leveraging those tools. At BlackBerry, we pride ourselves on the proven abilities of our team of security experts. Our team is battle-proven, industry-validated, and deeply-trained to secure any organization, anywhere.  

Related Reading

• 7 Key Findings: BlackBerry Threat Researchers Analyze Millions of Cyberattacks
• Explore CylanceMDR Powered by Cylance AI
• MITRE MDR Testing: CylanceMDR Goes Head to Head with Adversaries in MITRE Evaluation