Why is Cylance Protect better then MacAfee or ESET?

Traditional or Legacy Anti-Virus tools used signatures to identify the presence of a new virus or malware infecting a machine.  The lifecycle went something like this – someone finds the use of a new threat in an environment, flags it up for review and profiling, and a new signature is created and pushed to the end points.  This process took months before end points were protected from the new virus.  With malware variants changing almost daily this process becomes impossible to keep up.  Cylance Protect uses mathematical machine learning patterns to detect malicious code the same day it’s created, which allows for the product to scale and grow with the evolving number of threats, reducing overall dwell time.

What is Dwell Time?

Dwell time is the time an attacker has an active foot hold in your environment, in which they’re able to execute attacks to collect data and move around your network. The current average dwell time sits at 229 days.  To help illustrate how dwell times can lead to significant damage, here are real dwell times from high-profile breaches:

  • Home Depot: 5 months
  • Michaels Stores: 8 months
  • PF Chang’s: 11 months
  • Sony: 1 year
What is the difference between Darktrace and Endpoint Detection & Response (EDR)?

Dark Trace is not an EDR specific solution. Darktrace Enterprise works by passively analyzing raw network traffic to form an evolving understanding of ‘normal’ for every user, device, and subnet in an organization.

What’s the difference between Cylance and Carbon Black?

Cylance (Protect + Optics) and Carbon Black (CB Defense) are both math-based next generation AV solutions that look at file hashes instead of signatures. Agio performed testing on both products, and chose Cylance based on their flexible partner model, and their overall product development roadmap.

Why can’t I just buy Cylance Protect + Optics and move on?  What’s different about Agio’s Offering?

Doing it on your own requires your team to review cybersecurity events and take action. This includes performing threat hunting, reviewing logs, enabling a SIEM for alerting, and creating your own rulesets. Agio’s solution offers all of this 24x7x365, along with reporting to showcase the value you’re bringing to your organization with our service.