deckv9_ians presentation_10 questions to ask endpoint vendors

Artificial Intelligence. Real Threat Prevention. Todd Benshoof – NorCal Sales Director IANS Conference

Upload: todd-benshoof

Post on 15-Apr-2017


$2.4B Worth Of Noise – Investment Focus On The Endpoint

The Cylance Approach to Security

© 2015 Cylance, Inc.

Isolation

Whitelisting

Enterprise Detection & Response

Exploit Prevention

Antivirus

AI No Human-Derived Detection Methods

Framework Created By Former CISO of Intel, Malcolm Harkins

10 Questions To Ask

Buyers Guide: Secrets To Endpoint Security Evaluations

4.5M Endpoints Protected – Stories From The Field

Cylance CEO – Stuart McClure, Former CTO of McAfee, Former CISO Of Kaiser Permanente

Cylance Chief Scientist – Ryan Permeh, Former Chief Scientist of McAfee

Cylance CISO – Malcolm Harkins, Former CISO of Intel

Drivers Behind A New Endpoint Strategy

9 Boxes Of Control (figure)

Labels: Risk, Cost, End User Impact

Control Types: Prevent, Detect, Respond

Control Approaches: Automated, Semi-Automated, Manual

Annotations: "Focus is on minimizing vulnerability and potential for harm"; "Focus is on minimizing damage – only variables are time to detect and time to contain"

Extremes: Lowest Risk, Lowest Cost, Limited Liability; Highest Risk, Highest Cost, Most Liability

Source: Upcoming Release of Managing Risk and Information Security 2nd Edition – Malcolm Harkins

9 Boxes Of Control (figure, with added callout): Where most of the industry is focused

Source: Upcoming Release of Managing Risk and Information Security 2nd Edition – Malcolm Harkins

#1 3rd Party Data Feeds To Make Convictions?

Source: cgma.org

#2 Can We Test Offline?

Source: gfi.com

#2.1 Will Your Behavioral Analysis / IOCs Stop Ransomware?

Source: gfi.com

#3 Will you protect against packed malware?

Legitimate Packer Software

#4 Do You Have A Demo vs. Production Mode?

False Positives Efficacy

#5 Is Your Comparative Marketing Accurate?

#6 Can I Consolidate? What Is Your Largest Signature Based AV Replacement?

#7 Privacy? What Are You Accessing & Where Does It Go?

#8 Weaponized Unstructured Data? Scripts? Fileless Attacks via Memory?

Or

#9 End User Impact? Deployment & Required Staffing Per 1K Endpoints?

#10 What Is Required To Do A POC?

“Don’t believe us. Don’t believe our competitors. Believe in yourself, and Test It Yourself.”

Cylance CEO Stuart McClure


1/10th | 1/40th

70%

99%


Impact Of The New Strategy In Cylance Community


Market Validation

Visionary Quadrant Leader

“Cylance is easily the fastest growing Endpoint Protection Platform startup in the last ten years.”

“…very accurate at detecting new variants and repacked versions of existing malware.”


Source: accenture.com/securityvision

“Intelligent Automation Steps Up…CylancePROTECT uses AI to validate the risks”


What is CylancePROTECT?

Unrivaled Threat Prevention & Protection

PREdictive PREvention PRE-Execution PRE-Zero-Day

Lightweight & Flexible
•  1-3% CPU / ~40 MB Memory Footprint

Enterprise Ready
•  Malware | Exploits | Scripts
•  Microsoft Approved AV
•  Windows & Mac OS X
•  SaaS Convenience
•  PCI-DSS / HIPAA Compliant