Details on Cylance Offering

Tier 1 Offering – PREVENTION

This entry-level Cylance offering is designed to provide AI prevention against malware.

- Full Licensing, Training and Support for CylancePROTECT

  • Support available Mon-Fri 8:00 AM to 8:00 PM EST

- Set up of individual Cylance Tenant, with 24x7 administrative access

  • Multi Tenancy Console setup and administrative access (minimum seat requirement)
 

Tier 2 Offering – PREVENTION/EDR/BASIC SOC SERVICES

This mid-tier Cylance offering is designed to provide AI prevention, EDR detections, and Security Operation Center services.

- Full Licensing, Training, and Support for CylancePROTECT & CylanceOPTICS

  • Support available Mon-Fri 8:00 AM to 8:00 PM EST

- Set up of individual Cylance Tenant, with 24x7 administrative access

  • Multi Tenancy Console setup and administrative access (minimum seat requirement)

- SOC Services

  • Our AI-driven SIEM analyzes the Cylance logs from your Cylance tenant
  • Our aiSIEM will generate alerts for our SOC Analysts based on pre-defined attack surfaces

    - These include malware being quarantined, an abnormal number of quarantines in a 30-minute period, specific tools, etc.

    - If an alert is generated, one of our SOC Analysts will triage the incident to determine if further action is needed

      • If we find suspicious, abnormal, or malicious activity, we will contact you with our findings
      • We will provide guidance on our recommendations for starting your remediation
  • TPF Report Cards twice a month that report on best practice compliance within your Cylance implementation
 

Tier 3 Offering – PREVENTION/ADVANCED EDR/ADVANCED SOC SERVICES

This all-inclusive Cylance offering is designed to provide AI prevention, customized EDR detections/responses, and advanced Security Operation Center services.

- Full Licensing, Training, and Support for CylancePROTECT & CylanceOPTICS & aiSIEM

  • Unlimited Support 24x7

- Set up of individual Cylance Tenant, with 24x7 administrative access

  • Multi Tenancy Console setup and administrative access (minimum seat requirement)

- Direct 24x7 access to aiSIEM Console

- SOC Services

  • Our AI-driven SIEM analyzes the Cylance logs from your Cylance tenant
  • Our aiSIEM will generate alerts for our SOC Analysts based on pre-defined attack surfaces

    - These include malware being quarantined, an abnormal number of quarantines in a 30-minute period, specific tools, etc.

    - If an alert is generated, one of our SOC Analysts will triage the incident to determine if further action is needed

      • If we find suspicious, abnormal, or malicious activity, we will contact you with our findings
      • We will provide guidance on our recommendations for starting your remediation

    - These alerts will also be delivered directly to an alias of your choice

  • TPF Report Cards twice a month that report on best practice compliance within your Cylance implementation

- Active Ready Response

  • Ability for our SOC to isolate endpoints in the event of a breach, compromise, or infection to prevent further infection or exfiltration
  • Ability for our SOC to validate if further action is needed based on a Cylance alert

    - Case 1: ARR validates the machine is clean and no further action is needed

    - Case 2: ARR finds footholds in the environment (that caused the Cylance alert) that require quarantining of the endpoint to prevent further propagation.

- Custom OPTICS Rules developed by Solutions Granted, Inc engineers

- We will maintain 1 year's worth of Cylance logs for you and your customers (available upon request)

  • This is key to adhering to compliance requirements that mandate maintaining logs from your AV

“Security is not our job, it is our responsibility!”

Michael Crean, CEO, Solutions Granted, Inc