Adam G. TomeoProduct Marketing Manager

Hands-On Protection:Consulting Services Enhance Threat Prevention

Adam G. Tomeo

Product Marketing Manager

• 15+ years in the IT and Professional Services Industry

• Expertise in Professional Services, Enterprise Software

and Hardware

• Held senior roles across the partner ecosystem

“Implementing a new process is never easy, but this

team made it easy, successful, fun, and interesting…

We ran into many hiccups due to our company and its

specialized functions. It was refreshing to see how

much support went into getting results. The Cylance

team feels like family, and I think that is a huge selling

point for me.”

IT Security Analyst, Wholesale Food Retailer

BlackBerry Cylance AI Platform

Cylance prevention-first approach to Security

1. Prevent as many threats as possible

2. Make detection and response easy and fast

3. Deliver flexible solutions that adapts to customer needs

Cylance

ConsultingLeveraging AI to detect

and quarantine threats,

eliminate vulnerabilities,

and move your

environment to a state

of PREVENTION.

The Forrester Wave: Midsize Cybersecurity Consulting Services, Q2 2019

• BlackBerry Cylance ranked as a Leader.

• BlackBerry Cylance’s threat prevention products drive its

approach to consulting engagements. The firm can couple

proprietary tools like CylancePROTECT® and

ThreatZERO™ with strategic Virtual CISO (vCISO)

services.

• Client references praised BlackBerry Cylance’s round-the-

clock availability and the close relationships they have

developed with the account team.

• BlackBerry Cylance is a good fit for customers interested in

BlackBerry Cylance products who want a threat centric

approach for their cybersecurity consulting engagements.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical

representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor,

product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

Consulting Overview

• Integrated Practice Areas

• Dedicated Engagement Manager

• Holistic Approach

• Customized Solutions

• World-Renowned Security Authorities

• Global Coverage with Local Attention

Industrial Control Systems

Artificial intelligence/machine learning approach – revolutionary for this industry

Three pronged approach:

1. Discover the business impact of a cyber threat

on the ICS

2. Identify vulnerabilities and indicators of compromise

within the control system environment

3. Identify and prioritize mitigation strategies

Industrial Control Systems Services

Tactical

• ICS Security Fundamentals

• ICS Red Team Services

• ICS Compromise Assessment

• ICS Incident Response (Containment)

• ICS Component Testing

• ICS Component Analysis

Strategic

• ICS Security Assessment

• Building Automation Assessment

• ICS Policy Gap Analysis

• ICS Security Technology Assessment

• ICS Security Monitoring

• ICS Site Security Review

• ICS Backup and Recovery

• ICS Incident Response Program

Review and Development

Incident Response and Forensics

• Robust, lightweight, effective process leveraging best

technology available (AI)

• No network taps, agents, or monitoring of egress points

• Leverages client’s software deployment to push out

dissolvable scripts

• Determines anomalies, correlations and root causes

• Principle of least data – speed in analysis

• Incident is contained and environment moved into a state of

prevention

The Forrester Wave: Cybersecurity Incident Response Services, Q1 2019

• Cylance has well-defined processes and tooling

to ensure effective incident response. Cylance is

a global company who will only have greater

reach with their recent acquisition by BlackBerry.

• They have a wide range of products and services,

and established partnerships with law firms as

well as insurance brokers as well as carriers.

• Cylance has demonstrated incident response

expertise including investigating industrial control

system (ICS) environments.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester

Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed

spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted

in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to

change.

Incident Response and Forensics Services

Tactical

• Compromise Assessment

• Incident Containment (Response)

• Incident Response Retainer

• Disk Forensics

• Ransomware Negotiation / Bitcoin Payments

• Malware Analysis / Reverse Engineering

• Malware Assessment

Strategic

• Incident Readiness Assessment

• Incident Response Program Review and Development

• Incident Response Policy Gap Analysis

• Incident Response Policy Development

• Incident Response Plan Gap Analysis

• Incident Response Plan Development

• Playbook Gap Analysis

• Playbook Development

• Incident Response Table Top Exercise

• Forensic Capabilities Assessment

• Security Tools Assessment

IoT / Embedded Systems

• Healthcare

• Transportation

• Secure and protect networks without compromising

patient care

• IoT: Know that devices and support systems are secure

• Embedded: Ensure embedded products are delivered to

market securely with minimal delay and maximum return.

IoT / Embedded Systems Services

Tactical

• Embedded System Security Assessment

• Embedded System Design Review

• Automotive System Assessment

• Hardware Forensics

• Medical Device Security Assessment

• Medical Device Fuzzing

• Clinical Application Assessment

• Med Secure Assessment Framework

Strategic

• Embedded Device Program Development

• Clinical Security Program Management

• Vulnerability Management and Disclosure Program

• Clinical Security Program Governance

• Facilisafe

• Healthcare Advisory Services

Red Team

• Understand security gaps and vulnerabilities

• Inherently manage vulnerabilities

• Meet regulatory requirements and avoid fines

• Gain understanding of real-world risks to the

organization from the perspective of an attacker

Red Team Services

NETWORK SECURITY

• Internal Penetration Test

• External Penetration Test

• Wireless Penetration Test

• Firewall Assessment

• Network Architecture Assessment

(Firewall, VPN, Router, Switches)

• Host Penetration Assessment

• Active Directory Assessment

SOCIAL ENGINEERING

• Phishing Assessment

• Physical Penetration Testing

• Social Engineering (Phone)

Assessment

• OSINT/Reconnaissance

Assessment

APPLICATION SECURITY

• Web Application Penetration

Assessment

• Web API Penetration Testing

• Mobile Application Security

Assessment

• Thick Application Assessment

• Web Services Security Assessment

• Enterprise Mobility Management

Assessment

STRATEGIC

• Vulnerability Management and

Disclosure Program Development

• Security Technology Assessment

• IT Security Gap Assessment

• Vendor Risk Management Program

Development

• GDPR Compliance Assessment

• Security Governance Program

Development

• Virtual CISO (On-premises or

Remote)

• IT Security Gap Analysis

• Custom Staff Augmentation

COMBINED

• Goal-Oriented Red Team

Assessment

• Threat Modeling and Architecture

Assessment

• AWS Architecture Assessment

Strategic Services

• Applies industry expertise to manage friction

controls and risk

• Focuses on prevention and minimizing

vulnerabilities

• Want to understand client’s business operations

and strategic goals

Strategic Services

• Prevention Program Review

• Strategic Technology Assessment

• Technology Enablement by Design

• Incident Response Development

• Virtual CISO

• Vulnerability Management and Disclosure

• NIST CSF Gap Analysis

ThreatZERO• Full Auto-Quarantine

• Expert Handling of All PUPs and Malware

• Memory Protection Blocking Exclusion Handling

• Script Control / Macro Protection Handling

• Best Practices Training

• Remediation Based on Health Check Results

ThreatZERO Managed Prevention• Quarterly Health Check Reports

• Full Malware Status Review

• Full PUP Status Review

• Updates of Agent Version

• Maintains Prevention Status

ThreatZERO Services

• ThreatZERO (Foundational)

• ThreatZERO + Compromise Assessment

• Managed Prevention

• ThreatZERO Resident Expert

• Managed Prevention and Response

• ThreatZERO Assurance

• ThreatZERO Training

• Prevention Based Threat Hunting (CylanceGUARD™ – Coming 2019 2H)

"ThreatZERO was very useful. If you don’t

understand a product, you end up only using

10% of its capabilities. We got the knowledge

we needed to use all the products’ features to

optimize our environment. Now our team can

focus on other problems.”

Robert Osten, IT Manager, Formel D

Education Services

EDUCATIONAL SERVICES TRAINING

• ENGAGE Solution Training

• ENABLE Solution Training

• ESSENTIALS Solution Training

• EMPOWER Solution Training

• Cylance Security Professional (CSP) Accreditation

CUSTOMIZED TRAINING

• Incident Response Technical Training

• ThreatZERO Knowledge Transfer Training (for CylancePROTECT and CylanceOPTICS™)

• CylancePROTECT and CylanceOPTICS for IR Training

• Red Team Training

• Executive-Level Secure Yourself Training

• A Guide to Threat Hunting Using ELK Stack and Machine Learning

“This has been a completely satisfying experience,

full of professional knowledge, true support, and high

quality execution standards… The training was

premier, and we were able to cover multiple subjects

including the Cylance interface, policies, tools,

features, and deployment. I would highly recommend

their professional services and their product.”

IT Administrator, Mechanical Contracting / Engineering

Next Steps:

• Review the Forrester Wave reports

• Visit www.cylance.com/consulting

• Contact Cylance Consulting or your

technology provider• 10

• Come see us at Black Hat, booth 514

© 2 0 1 9 C y l a n c e I n c . A l l R i g h t s R e s e r v e d .