Post on 23-Jun-2020
Hands-On Protection: Consulting Services Enhance Threat Prevention
Adam G. Tomeo
Product Marketing Manager
• 15+ years in the IT and Professional Services Industry
• Expertise in Professional Services, Enterprise Software
and Hardware
• Held senior roles across the partner ecosystem
“Implementing a new process is never easy, but this
team made it easy, successful, fun, and interesting…
We ran into many hiccups due to our company and its
specialized functions. It was refreshing to see how
much support went into getting results. The Cylance
team feels like family, and I think that is a huge selling
point for me.”
IT Security Analyst, Wholesale Food Retailer
BlackBerry Cylance AI Platform
Cylance prevention-first approach to Security
1. Prevent as many threats as possible
2. Make detection and response easy and fast
3. Deliver flexible solutions that adapt to customer needs
Cylance Consulting
Leveraging AI to detect and quarantine threats, eliminate vulnerabilities, and move your environment to a state of PREVENTION.
The Forrester Wave: Midsize Cybersecurity Consulting Services, Q2 2019
• BlackBerry Cylance ranked as a Leader.
• BlackBerry Cylance’s threat prevention products drive its
approach to consulting engagements. The firm can couple
proprietary tools like CylancePROTECT® and
ThreatZERO™ with strategic Virtual CISO (vCISO)
services.
• Client references praised BlackBerry Cylance’s round-the-clock
availability and the close relationships they have
developed with the account team.
• BlackBerry Cylance is a good fit for customers interested in
BlackBerry Cylance products who want a threat centric
approach for their cybersecurity consulting engagements.
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical
representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor,
product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
Consulting Overview
• Integrated Practice Areas
• Dedicated Engagement Manager
• Holistic Approach
• Customized Solutions
• World-Renowned Security Authorities
• Global Coverage with Local Attention
Industrial Control Systems
Artificial intelligence/machine learning approach – revolutionary for this industry
Three-pronged approach:
1. Discover the business impact of a cyber threat on the ICS
2. Identify vulnerabilities and indicators of compromise within the control system environment
3. Identify and prioritize mitigation strategies
Industrial Control Systems Services
Tactical
• ICS Security Fundamentals
• ICS Red Team Services
• ICS Compromise Assessment
• ICS Incident Response (Containment)
• ICS Component Testing
• ICS Component Analysis
Strategic
• ICS Security Assessment
• Building Automation Assessment
• ICS Policy Gap Analysis
• ICS Security Technology Assessment
• ICS Security Monitoring
• ICS Site Security Review
• ICS Backup and Recovery
• ICS Incident Response Program
Review and Development
Incident Response and Forensics
• Robust, lightweight, effective process leveraging best
technology available (AI)
• No network taps, agents, or monitoring of egress points
• Leverages client’s software deployment to push out
dissolvable scripts
• Determines anomalies, correlations and root causes
• Principle of least data – speed in analysis
• Incident is contained and environment moved into a state of
prevention
The Forrester Wave: Cybersecurity Incident Response Services, Q1 2019
• Cylance has well-defined processes and tooling
to ensure effective incident response. Cylance is
a global company who will only have greater
reach with their recent acquisition by BlackBerry.
• They have a wide range of products and services,
and established partnerships with law firms as
well as insurance brokers as well as carriers.
• Cylance has demonstrated incident response
expertise including investigating industrial control
system (ICS) environments.
Incident Response and Forensics Services
Tactical
• Compromise Assessment
• Incident Containment (Response)
• Incident Response Retainer
• Disk Forensics
• Ransomware Negotiation / Bitcoin Payments
• Malware Analysis / Reverse Engineering
• Malware Assessment
Strategic
• Incident Readiness Assessment
• Incident Response Program Review and Development
• Incident Response Policy Gap Analysis
• Incident Response Policy Development
• Incident Response Plan Gap Analysis
• Incident Response Plan Development
• Playbook Gap Analysis
• Playbook Development
• Incident Response Table Top Exercise
• Forensic Capabilities Assessment
• Security Tools Assessment
IoT / Embedded Systems
• Healthcare
• Transportation
• Secure and protect networks without compromising
patient care
• IoT: Know that devices and support systems are secure
• Embedded: Ensure embedded products are delivered to
market securely with minimal delay and maximum return.
IoT / Embedded Systems Services
Tactical
• Embedded System Security Assessment
• Embedded System Design Review
• Automotive System Assessment
• Hardware Forensics
• Medical Device Security Assessment
• Medical Device Fuzzing
• Clinical Application Assessment
• Med Secure Assessment Framework
Strategic
• Embedded Device Program Development
• Clinical Security Program Management
• Vulnerability Management and Disclosure Program
• Clinical Security Program Governance
• Facilisafe
• Healthcare Advisory Services
Red Team
• Understand security gaps and vulnerabilities
• Inherently manage vulnerabilities
• Meet regulatory requirements and avoid fines
• Gain understanding of real-world risks to the
organization from the perspective of an attacker
Red Team Services
NETWORK SECURITY
• Internal Penetration Test
• External Penetration Test
• Wireless Penetration Test
• Firewall Assessment
• Network Architecture Assessment (Firewall, VPN, Router, Switches)
• Host Penetration Assessment
• Active Directory Assessment
SOCIAL ENGINEERING
• Phishing Assessment
• Physical Penetration Testing
• Social Engineering (Phone) Assessment
• OSINT/Reconnaissance Assessment
APPLICATION SECURITY
• Web Application Penetration Assessment
• Web API Penetration Testing
• Mobile Application Security Assessment
• Thick Application Assessment
• Web Services Security Assessment
• Enterprise Mobility Management Assessment
STRATEGIC
• Vulnerability Management and Disclosure Program Development
• Security Technology Assessment
• IT Security Gap Assessment
• Vendor Risk Management Program Development
• GDPR Compliance Assessment
• Security Governance Program Development
• Virtual CISO (On-premises or Remote)
• IT Security Gap Analysis
• Custom Staff Augmentation
COMBINED
• Goal-Oriented Red Team Assessment
• Threat Modeling and Architecture Assessment
• AWS Architecture Assessment
Strategic Services
• Applies industry expertise to manage friction
controls and risk
• Focuses on prevention and minimizing
vulnerabilities
• Wants to understand client’s business operations
and strategic goals
Strategic Services
• Prevention Program Review
• Strategic Technology Assessment
• Technology Enablement by Design
• Incident Response Development
• Virtual CISO
• Vulnerability Management and Disclosure
• NIST CSF Gap Analysis
ThreatZERO
• Full Auto-Quarantine
• Expert Handling of All PUPs and Malware
• Memory Protection Blocking Exclusion Handling
• Script Control / Macro Protection Handling
• Best Practices Training
• Remediation Based on Health Check Results
ThreatZERO Managed Prevention
• Quarterly Health Check Reports
• Full Malware Status Review
• Full PUP Status Review
• Updates of Agent Version
• Maintains Prevention Status
ThreatZERO Services
• ThreatZERO (Foundational)
• ThreatZERO + Compromise Assessment
• Managed Prevention
• ThreatZERO Resident Expert
• Managed Prevention and Response
• ThreatZERO Assurance
• ThreatZERO Training
• Prevention Based Threat Hunting (CylanceGUARD™ – Coming 2019 2H)
"ThreatZERO was very useful. If you don’t
understand a product, you end up only using
10% of its capabilities. We got the knowledge
we needed to use all the products’ features to
optimize our environment. Now our team can
focus on other problems.”
Robert Osten, IT Manager, Formel D
Education Services
EDUCATIONAL SERVICES TRAINING
• ENGAGE Solution Training
• ENABLE Solution Training
• ESSENTIALS Solution Training
• EMPOWER Solution Training
• Cylance Security Professional (CSP) Accreditation
CUSTOMIZED TRAINING
• Incident Response Technical Training
• ThreatZERO Knowledge Transfer Training (for CylancePROTECT and CylanceOPTICS™)
• CylancePROTECT and CylanceOPTICS for IR Training
• Red Team Training
• Executive-Level Secure Yourself Training
• A Guide to Threat Hunting Using ELK Stack and Machine Learning
“This has been a completely satisfying experience,
full of professional knowledge, true support, and high
quality execution standards… The training was
premier, and we were able to cover multiple subjects
including the Cylance interface, policies, tools,
features, and deployment. I would highly recommend
their professional services and their product.”
IT Administrator, Mechanical Contracting / Engineering
Next Steps:
• Review the Forrester Wave reports
• Visit www.cylance.com/consulting
• Contact Cylance Consulting or your technology provider
• Come see us at Black Hat, booth 514
© 2019 Cylance Inc. All Rights Reserved.