“Every day, rogue insiders and external threat actors exploit valid user credentials to launch cyber attacks, so there is a clear need for organizations to ensure every user logged into their network can be trusted anytime and at all times,” said Eric Cornelius, chief product officer at BlackBerry Cylance. “CylancePERSONA addresses this challenge. With a combination of flexible initial authentication, user-centric biometrics, AI behavioral monitoring, and automated active responses, CylancePERSONA delivers a scalable, efficient, effective solution that can ensure trust of the user is continuous.”
Unlike other user monitoring solutions that rely on network traffic analysis or focus on detection without the ability to respond automatically, CylancePERSONA sensors are able to detect and score both malicious and anomalous conduct. CylancePERSONA monitors user activity and calculates a Cylance Trust Score; if the user trust score drops below a given threshold, step-up authentication action or suspension can be automatically initiated.
“Stealing valid credentials and impersonating users are two of the most successful vectors used by attackers,” said Rob Davis, founder and chief executive officer of Critical Start. “CylancePERSONA is the first solution to provide organizations a technology that can detect and respond to the use of stolen credentials on the endpoint—both on and off the corporate network.”
Key features of CylancePERSONA include:
· Behavioral biometric analysis: Continuous monitoring of user behavior with real-time detection of suspicious keyboard and mouse actions that could indicate an imposter.
· User conduct monitoring and analysis: Real-time monitoring of user actions with instant identification of anomalous user activity to indicate a possible remote account takeover.
· Contextual authentication analysis: Making use of previous user login activity such as location, time, or method to ensure current login attempts are valid.
· Automated user-centric response: Ability to interrupt user activity automatically upon detection of anomalous or suspicious actions with responses such as user logoff, suspended processes, and step-up authentication.
· Malicious and anomalous conduct detection – Ability to reduce false positives using baseline user activity.
· Cloud-based APIs: Enablement of zero-trust integration to third-party products using the Cylance Trust Score.