BlackBerry Cylance, a business unit of BlackBerry Limited, announces the introduction of CylancePERSONA, the first proactive, native AI behavioural and biometrics analysis solution for the security industry.
CylancePERSONA adds user monitoring to the company’s expansive defence of the enterprise and augments the AI-driven prevention, detection, and response capabilities of the Cylance native AI platform. This lightweight solution combines continuous biometric behaviour and user conduct monitoring designed to identify suspicious users in real-time to prevent compromises.
Automated active responses
“Every day, rogue insiders and external threat actors exploit valid user credentials to launch cyber attacks, so there is a clear need for organisations to ensure every user logged into their network can be trusted anytime and at all times,” said Eric Cornelius, chief product officer at BlackBerry Cylance.
CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct
“CylancePERSONA addresses this challenge. With a combination of flexible initial authentication, user-centric biometrics, AI behavioral monitoring, and automated active responses, CylancePERSONA delivers a scalable, efficient, effective solution that can ensure trust of the user is continuous.” Unlike other user monitoring solutions that rely on network traffic analysis or focus on detection without the ability to respond automatically, CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct.
Stealing valid credentials
CylancePERSONA monitors user activity and calculates a Cylance Trust Score; if the user trust score drops below a given threshold, step-up authentication action or suspension can be automatically initiated.
“Stealing valid credentials and impersonating users are two of the most successful vectors used by attackers,” said Rob Davis, founder and chief executive officer of Critical Start. “CylancePERSONA is the first solution to provide organisations a technology that can detect and respond to the use of stolen credentials on the endpoint—both on and off the corporate network.”
CylancePERSONA key features
Key features of CylancePERSONA include:
- Behavioural biometric analysis: Continuous monitoring of user behaviour with real-time detection of suspicious keyboard and mouse actions that could indicate an imposter.
- User conduct monitoring and analysis: Real-time monitoring of user actions with instant identification of anomalous user activity to indicate a possible remote account takeover.
- Contextual authentication analysis: Making use of previous user login activity such as location, time, or method to ensure current login attempts are valid.
- Automated user-centric response: Ability to interrupt user activity automatically upon detection of anomalous or suspicious actions with responses such as user logoff, suspended processes, and step-up authentication.
- Malicious and anomalous conduct detection – Ability to reduce false positives using baseline user activity.
- Cloud-based APIs: Enablement of zero-trust integration to third-party products using the Cylance Trust Score.