A Cylance Case Study: Machine Learning in Insider Threat Incident Response

Report Summary

A Cylance Case Study: Machine Learning in Insider Threat Incident Response

ML-powered products that do not use signatures to augment detection are largely enterprise-ready.

Boston, December 12, 2018 – In Q4 2016, a real-world deployment of a machine learning-based endpoint security solution identified a worm outbreak and prevented from it propagating further. This solution, CylanceProtect, performs pre-execution malware detection by inspecting the suspect file—without the need for signatures and without requiring it to execute.

This report provides empirical data on the enterprise-readiness of ML-based endpoint security solutions that work without signatures and their efficacy over legacy anti-virus solutions. The data provided in this report is a result of primary research methods observed in a monthlong incident response investigation as well as interviews conducted by Aite Group of the customer’s security engineers.

This is a 13-page Impact Note. Clients of Aite Group’s Cybersecurity service can download this report and the Executive Impact Deck.

Download table of contents

This report mentions Cylance, Darktrace, Kaspersky Lab, McAfee, Symantec, and Vectra Networks.

How can we help?

If you have a question specific to your industry, speak with an expert.  Call us today to learn about the benefits of becoming a client.

Talk to an Expert

Receive email updates relevant to you.  Subscribe to entire practices or to selected topics within

Get Email Updates