BlackBerry Cylance launches first proactive behavioural analytics solution

This week, BlackBerry Cylance announced the newest addition to its leading native artificial intelligence (AI) platform. CylancePERSONA provides "continuous user authentication" across enterprises using the "Cylance Trust Score", according to the press release.

Defence enhancement

CylancePERSONA adds user monitoring to the company’s expansive enterprise defence portfolio. In addition to this, the solution augments the "AI-driven prevention, detection, and response capabilities of the Cylance native AI platform."

Moreover, CylancePERSONA combines continuous biometric behaviour and user conduct monitoring. As a result, companies can identify suspicious users in real-time and therefore prevent compromises before they occur.

Eric Cornelius, chief product officer at BlackBerry Cylance, commented on the daily exploitation of "valid user credentials" by rogue insiders and external threat actors. He stressed that there is a "clear need for organisations to ensure every user logged into their network" is trustworthy at all times.

Despite these frequent attacks, CylancePERSONA addresses this challenge. Cornelius added that the combination of "flexible initial authentication, user-centric biometrics, AI behavioural monitoring, and automated active responses" allows CylancePERSONA to deliver a "scalable, efficient, effective solution that can ensure trust of the user is continuous.”

What makes CylancePERSONA different?

Traditional user monitoring solutions rely on network traffic analysis or focus on detection but fail to respond automatically. However, CylancePERSONA sensors have the ability to detect and score malicious and anomalous conduct.

By monitoring user activity, the solution calculates a Cylance Trust Score. If a user trust score falls below a given threshold, the solution initiates step-up authentication or suspension.

CylancePERSONA also features contextual authentication analysis, which makes use of previous user login activity. The solution analyses location, time, or method in order to ensure current login attempts are valid.

Two of the most successful vectors used by attackers are stealing valid credentials and impersonating users. Rob Davis, founder and chief executive officer of Critical Start stated that “CylancePERSONA is the first solution to provide organisations a technology that can detect and respond to the use of stolen credentials on the endpoint—both on and off the corporate network.”

The motivations of bad actors have changed significantly. Listen to our podcast with tech evangelist and leading voice in cybersecurity Dr Andrew Aken to find out how