Re: Cylance

[Rob Milman <rob.milman () SAIT CA>]

Hi Shaun,

I agree with the comments about moving on from signature based AV, but with caution. Some "next-gen" endpoint 
protection does not have the quarantine and disinfect capabilities that we have grown so used to over the years. I 
can't speak for Cylance, but most are running a combination of both traditional AV and "next-gen" behavior based 
endpoint protection.

As a side note, we are piloting Microsoft Advanced Threat Protection on our Windows 10 machines and it's been nothing 
short of impressive. It has alerted us to one ransomware infection that was stopped before any damage was done and 
provided a complete chain of event that led up to the infection. I  was impressed by how far Microsoft has upped their 
game in this area.

Regards,

Rob

[cid:image004.png@01D18F19.9217E950]

Rob Milman
Security & Compliance Analyst
Information Systems

Southern Alberta Institute of Technology
EH Crandell Building, GA 214
1301 - 16 Avenue NW, Calgary AB, T2M 0L4

(Office) 403.774.5401  (Cell) 403.606.3173
rob.milman () sait ca<mailto:rob.milman () sait ca>





From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shaun 
Gray
Sent: Wednesday, June 07, 2017 12:47 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Cylance

Anyone have any experience with Cylance? I'm strongly considering moving on from Symantec. The sales pitch sounds great 
with the intelligence, but a part of me wants to hold on to my old definition based AV. Anyone have thoughts on this 
product or approach?


Dr. Shaun L. Gray, GSEC
Network Engineer
Medford Township Board of Education
P / 609-975-6159
[CloudPlus Logo Certified CE]