What is endpoint detection and response?

Endpoint detection and response (EDR) is a cybersecurity solution that involves continuous monitoring and gathering data from endpoints to discover and address cyberthreats in real-time. EDR extends on the capabilities of an endpoint protection platform (EPP) by proactively identifying cyberthreats and preventing widespread security incidents.

What is an EDR system?

An endpoint detection and response (EDR) system or solution is an on-premises, cloud-based or hybrid software platform that monitors network endpoints for security incidents and can identify and respond to cyberattacks as well as provide contextual information to security teams for advanced threat hunting.

What is BlackBerry endpoint detection and response (EDR)?

BlackBerry Optics is a fast, reliable endpoint detection and response solution. Our EDR approach effectively eliminates response latency and can be the difference between a minor security incident and a widespread, uncontrolled event.

What is BlackBerry Optics?

BlackBerry Optics is a fast, reliable endpoint detection and response solution. Our EDR approach effectively eliminates response latency and can be the difference between a minor security incident and a widespread, uncontrolled event.

Endpoint Detection and Response from BlackBerry

Don’t Be a Victim of Ransomware—Avoid Cyberattacks with CylanceOPTICS

Cloud-native CylanceOPTICS^® provides on-device threat detection and remediation across your organization—in milliseconds. Our EDR approach effectively eliminates response latency. It can be the difference between a minor security incident and a widespread, uncontrolled event.

Free Trial

Edge AI

Identify security threats and trigger automated responses on-device with security and context-driven threat detection rules powered by Cylance AI to reduce detection and remediation time.

Cloud-Enabled

Gain visibility with consolidated, AI-driven security and an enterprise-wide view of all endpoint activity, empowering detection and response capabilities for online and offline devices.

Deep Insight

Enable threat hunting and root cause analysis experiences with intuitive query language and up to 365 days of data retention options.

DOWNLOAD THE DATA SHEET

Why Choose CylanceOPTICS

CLOUD-ENABLED
EDGE AI
MINIMIZE ATTACK SURFACE
RESPOND IN MILLISECONDS
DEEP INSIGHT

Cloud-Enabled—Not Cloud-Dependent

Cloud-based CylanceOPTICS provides monitoring and visibility that span your entire organization, enabling detection and threat hunting for both online and offline devices.

DOWNLOAD THE DATA SHEET

Quickly Detect and Respond to Ransomware

Ready to move beyond attack visibility? Cylance AI-driven security proactively detects and automates response capabilities. So you can find and neutralize advanced cyberthreats in milliseconds—not hours or days.

DOWNLOAD THE DATA SHEET

Quickly Detect and Respond to Ransomware

Prevent Widespread Incidents with Machine Learning

CylanceOPTICS mitigates and contains threats at the endpoints—drastically minimizing your attack surface and potential lateral movement. So your SOC teams have more time to perform essential duties, instead of monitoring and re-imaging compromised endpoints.

DOWNLOAD THE DATA SHEET

Prevent Widespread Incidents with Machine Learning

Custom Automated Responses

CylanceOPTICS has a built-in playbook with automated incident responses to mitigate endpoint threats. As it automatically collects relevant security information for hunting and forensic analysis, you’ll save your SOC analysts some time.

DOWNLOAD THE DATA SHEET

Unconstrained Threat Hunting

Our advanced, intuitive querying capabilities with Query language objects is purpose-built for MITRE ATT&CK^®. It’s designed to enable deep insight for threat hunting and forensics with superior data retention packages—30 days out-of-the-box and up to 365 days.

DOWNLOAD THE DATA SHEET

Why Choose CylanceOPTICS

CLOUD-ENABLED

Cloud-Enabled—Not Cloud-Dependent

Cloud-based CylanceOPTICS provides monitoring and visibility that span your entire organization, enabling detection and threat hunting for both online and offline devices.

DOWNLOAD THE DATA SHEET
EDGE AI

Quickly Detect and Respond to Ransomware

Ready to move beyond attack visibility? Cylance AI-driven security proactively detects and automates response capabilities. So you can find and neutralize advanced cyberthreats in milliseconds—not hours or days.

DOWNLOAD THE DATA SHEET
MINIMIZE ATTACK SURFACE

Prevent Widespread Incidents with Machine Learning

CylanceOPTICS mitigates and contains threats at the endpoints—drastically minimizing your attack surface and potential lateral movement. So your SOC teams have more time to perform essential duties, instead of monitoring and re-imaging compromised endpoints.

DOWNLOAD THE DATA SHEET
RESPOND IN MILLISECONDS

Custom Automated Responses

CylanceOPTICS has a built-in playbook with automated incident responses to mitigate endpoint threats. As it automatically collects relevant security information for hunting and forensic analysis, you’ll save your SOC analysts some time.

DOWNLOAD THE DATA SHEET
DEEP INSIGHT

Unconstrained Threat Hunting

Our advanced, intuitive querying capabilities with Query language objects is purpose-built for MITRE ATT&CK^®. It’s designed to enable deep insight for threat hunting and forensics with superior data retention packages—30 days out-of-the-box and up to 365 days.

DOWNLOAD THE DATA SHEET

CylanceOPTICS Capabilities

EDR Engine
Automated forensic events logging
Automated response
Custom detection rules
Integrated MITRE ATT&CK
Secure remote response
Private Network Visibility
Advanced Scripting Visibility
Deep Insight 30-day retention, included
Deep Insight 90-day, 365-day retention, available
Cryptomining detection
Audit logging

Get the Solution Brief

We work hard to earn our customer’s trust, so we’re very selective about the products we include in our service portfolio. They must be effective, easy to manage, and have a spotless reputation for customer support. We made the right decision when we chose BlackBerry Protect and BlackBerry Optics.

Maurizio Bertaboni, Chief Technology Officer, BeSafe

More Case Studies

All of the products we evaluated had strengths. It came down to which one we thought would produce the least noise. We concluded that BlackBerry Optics had the most flexible detection and response framework, which would allow us to fine-tune its detection rules to minimize false positives.

Steven Elliott, Chief Information Security Officer, Prospect Capital Management

More Case Studies

BlackBerry Fully Detects and Protects in SE Labs Test

CylancePROTECT^® and CylanceOPTICS won the AAA award for detecting and preventing cyberattacks during SE Labs Breach Response Test. This test subjected BlackBerry products to a wide range of publicly available hacking attacks. All threats were stopped before damage occurred.

Gain and Maintain an Edge Over Attackers

Artificial Intelligence, Real Performance

Artificial Intelligence, Real Performance

Cylance AI-driven security threat prevention and response and attack mitigation prevents cyberattacks that legacy products miss while simultaneously reducing alert fatigue.

Gain Deep Insight

An extensive set of manual and automated incident investigation and threat hunting tools provide your analysts with seamless access to endpoint data.

Workflow-Based Incident Response

React to threats at machine speed. Automated playbooks can drive responses to detected threats, taking immediate action without human intervention.

READ THE SOLUTION BRIEF

CylanceOPTICS Dashboard View

Managed XDR — CylanceGUARD

CylanceGUARD® is 24x7 managed extended detection and response service for prevention-first cybersecurity.

Learn More

BlackBerry Spark^® Suite – UEM & UES

For comprehensive unified endpoint management and security, BlackBerry Spark Unified Endpoint Management Suite plus BlackBerry Cyber Unified Endpoint Security offer complete protection.

BlackBerry^® Cyber Suite – UES

Cylance AI-driven security endpoint solution proactively delivers protection, detection and response, integrated mobile threat defense, continuous authentication and adaptive risk scoring.

Resources

Data Sheet

CylanceOPTICS

Learn More

Solution Brief

CylanceOPTICS

Third-Party Evaluation

BlackBerry MITRE ATT&CK APT20

Read Now

Report

BlackBerry 2022 Threat Report

Read Report

View More Resources