Predictive AI for Endpoints
Ed Amoroso summarizes a recent technical conversation with the team from Cylance on advanced endpoint protection using AI.


Here is a quote from Elon Musk that surfaced about a year ago: “With artificial intelligence, we are summoning the demon.” In contrast, around the same time, my good friend Stuart McClure, CEO of Cylance, offered the following comment on his blog: “I ask you to look beyond the robot uprising media memes and consider AI as the problem-solving technology that it is.” For the record, I agree with Stuart.

Current AI has progressed naturally from the sorting and searching primitives introduced in Knuth’s original volumes. And, like any powerful algorithms, AI technology can be both wonderful and nagging at the same time. Efficient search techniques, for example, make our day-to-day life easier on the Internet, but also create serious privacy issues. The use of AI in society will be no different. But in cyber security, it will be more help than harm.

Such big thoughts of AI were hard to suppress recently when the team from Cylance took me through their solution strategy. We went through present and future capabilities as well as their plans for Cylance endpoint protections offered to businesses and consumers. And we spent time on how the company has been applying the foundations of AI and machine learning to optimize protection from cyber threats. Here is what I learned:

“We focus on harnessing the power of machines,” explained industry veteran Ed Metcalf, Senior Director of Product Marketing for the company. “Ultimately, the goal of our platform with AI-enabled Protection and EDR is to accurately and efficiently determine and manage the risk levels of all content at the endpoint. We believe that modern AI and machine learning methods provide the best way to accomplish this often-elusive goal.”

The Cylance platform approach involves the development of so-called models that serve as the underlying engine components of the prevention and detection solution. Models are trained by the Cylance team using machine learning data from its massively deployed base. Roughly annually, the company deploys new models; in the interim, the platform is designed to ingest data locally and make fast and accurate determinations about malware.

“We agree with so many of the comments and observations made by just about everyone that traditional anti-virus methods based on signatures simply no longer work,” explained Metcalf. “Our model-based solution is designed to automatically learn to recognize patterns in a way that does not rely on the weaknesses of signatures, application whitelists, or even behavioral observation techniques.”

Cylance offers its flagship CylancePROTECT platform to businesses of any size interested in enhancing the cybersecurity protection of their endpoints. The company complements this offering with a consumer-oriented tool called Cylance Smart Antivirus. The true power of AI for EDR is introduced with CylanceOPTICS, which supports the modern cyber hunter, who will be performing detailed investigation and advanced analytics.

One area of support within Cylance that surprised me somewhat was their significant emphasis on professional services for customers. Tech companies often shy away from this sometimes messy aspect of engagement support, but I can see how businesses would be eager to get advice from the Cylance experts. Industry consulting veteran Corey White has been the Cylance executive leader for this successful professional service offering.

We all know that the endpoint security space is super-crowded, and it is easy to get overwhelmed by the many options available today. But it seems prudent to listen to the Cylance story. The company is managed by professionals who’ve been around the block a couple of times, and – setting aside concerns from Elon Musk – are working in an area of technology that offers considerable promise for good.

Let me know what you think.


Yolanda Baker, RYT, MR, former CISA, CISSP, CDPSE

Former Tech & Cyber Senior IT Auditor, Assessor of IT, Cyber, Technology, & Data Privacy Controls, and now pivoting to founding cooperative of Health & Wellness Modalities

6 years

How nimble is the tool to interact with SIEMs? Is historic performance data retained by the tool that can aid forensic auditing?

Jeffrey Caruso

The third edition of Inside Cyber Warfare is now available on Kindle and in paperback on Amazon.com.

6 years

Where does their product distinguish between what belongs to ML and what qualifies as true AI? Or do they even make that distinction?
