BlackBerry Cylance, a business unit of BlackBerry Limited, announces the introduction of CylancePERSONA, the first proactive, native AI behavioural and biometrics analysis solution for the security industry. CylancePERSONA adds user monitoring to the company’s expansive defence of the enterprise and augments the AI-driven prevention, detection, and response capabilities of the Cylance native AI platform. This lightweight solution combines continuous biometric behaviour and user conduct monitoring designed to identify suspicious users in real-time to prevent compromises. Automated active responses “Every day, rogue insiders and external threat actors exploit valid user credentials to launch cyber attacks, so there is a clear need for organisations to ensure every user logged into their network can be trusted anytime and at all times,” said Eric Cornelius, chief product officer at BlackBerry Cylance. CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct “CylancePERSONA addresses this challenge. With a combination of flexible initial authentication, user-centric biometrics, AI behavioral monitoring, and automated active responses, CylancePERSONA delivers a scalable, efficient, effective solution that can ensure trust of the user is continuous.” Unlike other user monitoring solutions that rely on network traffic analysis or focus on detection without the ability to respond automatically, CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct. Stealing valid credentials CylancePERSONA monitors user activity and calculates a Cylance Trust Score; if the user trust score drops below a given threshold, step-up authentication action or suspension can be automatically initiated. “Stealing valid credentials and impersonating users are two of the most successful vectors used by attackers,” said Rob Davis, founder and chief executive officer of Critical Start. “CylancePERSONA is the first solution to provide organisations a technology that can detect and respond to the use of stolen credentials on the endpoint—both on and off the corporate network.” CylancePERSONA key features Key features of CylancePERSONA include: Behavioural biometric analysis: Continuous monitoring of user behaviour with real-time detection of suspicious keyboard and mouse actions that could indicate an imposter. User conduct monitoring and analysis: Real-time monitoring of user actions with instant identification of anomalous user activity to indicate a possible remote account takeover. Contextual authentication analysis: Making use of previous user login activity such as location, time, or method to ensure current login attempts are valid. Automated user-centric response: Ability to interrupt user activity automatically upon detection of anomalous or suspicious actions with responses such as user logoff, suspended processes, and step-up authentication. Malicious and anomalous conduct detection – Ability to reduce false positives using baseline user activity. Cloud-based APIs: Enablement of zero-trust integration to third-party products using the Cylance Trust Score.
The ICS event will be the only opportunity for students to take the SEC562:CyberCity Hands-on Kinetic Cyber Range Exercise SANS Institute will be running a dedicated Industrial Control Systems (ICS) security summit and training event including the innovative SANS SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise in London this September. Cybersecurity ICS London 2016 runs from 19th to 25th of September and kicks off with the ICS summit including presentations offering an analysis of the cyber-attack on the Ukrainian power grid along with ICS sessions from experts from Audi, TFL and KPMG offering a broad line-up of topics. The 6 day event welcomes the updated ICS515: ICS Active Defence and Incident Response course led by Rob M. Lee, course author and former Cyber Warfare Operations Officer in the U.S. Air Force who was also recently named to the 2016 class of Forbes "30 Under 30" for Enterprise Technology. Only opportunity to take SEC562 The event will also be the only opportunity for students to take the SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise that uses a virtual city complete with computers, networks, and programmable logic controllers operating the physical infrastructure, ranging from electrical power grids, water systems, and traffic systems all the way down to HVAC systems and industrial automation. The exciting course teaches participants how to analyse and assess the security of control systems and related infrastructures, finding vulnerabilities that could result in significant kinetic impact. The event will also be the only opportunity for students to take the SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise The event also welcomes the popular SANS ICS410: ICS/SCADA Security Essentials that provides a foundational set of standardised skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats. ICS410 will be led by its co-author Eric Cornelius, SANS instructor and Director of Critical Infrastructure and Industrial Control Systems (ICS) at Cylance, Inc. Previously, Eric served as the Deputy Director and Chief Technical Analyst for the Control Systems Security Program at the US Department of Homeland Security. SANS is offering an early bird discount on courses booked before August 10th