Thycotic and Cylance Partner to Enhance Application Control and Endpoint Protection
CylancePROTECT uses proprietary artificial intelligence (AI) to prevent malicious applications from executing and stopping fileless attacks from hijacking legitimate system resources. Privilege Manager enables security operations center (SOC) staff to set, monitor, enforce, and prove compliance with rigorous application and privileged access security policies.
Working together, CylancePROTECT and Privilege Manager combine their proactive strategies to prevent malware from exploiting endpoints, reducing organizational risk and optimizing operational efficiency.
“Security professionals can view CylancePROTECT threat scores from the Privilege Manager dashboard and initiate coordinated, enterprise-wide responses that range from updating quarantine lists to disconnecting offending endpoints for offline remediation,” said Didi Dayton, Vice President Worldwide Channels and Alliances at Cylance.
“Together, CylancePROTECT and Privilege Manager ensure that only legitimate applications are allowed to operate and that the data accessed by those applications adheres to established security policies.”
Cylance provides continuous protection by blocking malicious and unwanted or unauthorized applications before they execute, including stopping fileless attacks. Cylance’s AI-based intelligence, now available through Privilege Manager, provides a simplified console view specifically designed for help desk decision making. Compelling use cases include reputation reporting, global list management, and workflow integrity for application control.
“The partnership with Cylance allows users to check in real time the safety of applications while still keeping with the least privilege model,” said Jai Dargan, Vice President of Product Management at Thycotic.
“To ensure users at the endpoints are not prevented from doing their jobs, Privilege Manager will send an application to verify its reputation prior to execution. Privilege Manager can then elevate a clean application to execute or it can be added to a blacklist if found to be bad. The flexible rule set enables complete automation of applications and makes a solution that actually implements and enforces a least privilege security model.”
Use cases of the combined Cylance + Thycotic technology offering include:
- Application Execution Control. Preventing malicious applications from accessing restricted data is a prerequisite for achieving a robust security posture. CylancePROTECT and Privilege Manager consolidate and correlate information about applications attempting to execute in the environment to provide security teams with the detailed information they need for efficient forensic analysis and incident response. The Privilege Manager dashboard includes a one-click link to the CylancePROTECT Threat Details page, where security analysts can quickly assess suspect files and add them to whitelists or blacklists as appropriate.
- Reputation Reporting. During an investigation, security analysts must navigate between multiple applications to gather all available threat intelligence data to determine if endpoints and applications are safe. CylancePROTECT leverages AI to proactively stop threats and implement a prevention-first security posture. This allows incident responders to conduct investigations in a low-risk state and analyze aggregated data for speedier downstream decision making. Enterprise accounts or endpoints flagged as suspicious can quickly have their access permissions modified, thereby reducing the risk of further system infections.
Visit us today for additional details.