CylancePROTECT redefines what antivirus (AV) can and should do for your organization by leveraging artificial intelligence to detect AND prevent malware from executing on your endpoints in real time.
By taking a mathematical approach to malware identification, using patent-pending machine learning techniques instead of reactive signatures and sandboxes, CylancePROTECT renders new malware, viruses, bots and unknown future variants useless.
Cylance has developed the most accurate, efficient and effective solution for preventing advanced persistent threats and malware from executing on your organization’s endpoints.
At the core of Cylance’s unprecedented malware identification capability is a revolutionary machine learning research platform that harnesses the power of algorithmic science and artificial intelligence. It analyzes and classifies hundreds of thousands of characteristics per file, breaking them down to an atomic level to discern whether an object is “good” or “bad” in real time.
How It Works
CylancePROTECT’s architecture consists of a small agent that integrates with existing software management systems or Cylance’s own cloud console. The endpoint will detect and prevent malware through the use of tested mathematical models on the host, independent of a cloud or signatures. It is capable of detecting and quarantining malware in both open and isolated networks without the need for continual signature updates.
Defense requires applying the best protection at the most vulnerable locations – the endpoints. Cylance’s mathematical approach stops the execution of harmful code whether or not there is prior knowledge of it, and even when it employs an unknown obfuscation technique. No other anti-malware product compares to the accuracy, ease of management and effectiveness of CylancePROTECT.
Compatible with Microsoft Windows® and Mac OS® X
CylancePROTECT is compatible with all current versions of Microsoft Windows and Mac OS. It reports into the same cloud-based console as your other enterprise systems.
How We Use The Cloud
Cylance uses the cloud for data processing and hosting our cloud-based management. CylanceINFINITY ENGINE, at its heart, is a massively scalable data processing system in the cloud capable of generating highly efficient mathematical models to solve the malware problem. It works by collecting data, training and learning from the data, and calculating likely outcomes based on what it sees. It’s constantly getting smarter from environmental feedback and a continual stream of new data from all around the world.
Cylance uses the cloud to host its cloud-based management console, allowing customers to manage all of their CylancePROTECT agents in one location. Below is an overview of the architecture of CylancePROTECT and its interactions with the cloud.
The CylancePROTECT agent is lightweight when installed on endpoint devices and communicates with the cloud service to:
Pull down policy
Send information about threats and hosts
Receive commands sent out through the console
Upload threat samples (optional)
Download agent updates
The agent secures its communications with Transport Layer Security (TLS) for privacy and data integrity. In addition, the agent-to-cloud connection uses digitally signed certificates to authenticate the agent to the cloud. The agent also authenticates against the shard, as agents are locked to shards cryptographically. Cylance also supports strong authentication via external identity providers, such as OneLogin & OKTA, Active Directory Federation Services, Azure Active Directory, and PingOne. These SAML integrations allow for multi-factor authentication and the ability to restrict portal usage to defined source IP ranges and other admin-defined protections.
A Better AppControl Solution
CylancePROTECT+AppControl permits only good applications to be whitelisted. It reduces management overhead and has far less impact on productivity than traditional application control solutions. CylancePROTECT+AppControl’s predictive model is the perfect solution for providing an exceedingly high degree of security for fixed-function devices such as data center servers, point of sale systems, industrial control systems, ATMs, and kiosks.
SINGLE AGENT/SINGLE CONSOLE
CylancePROTECT enables admins to manage dynamic endpoints (laptops, desktops) and fixed-function devices (point of sale systems, ICS, ATMs) from the same console with different policy options. Since both approaches leverage the same underlying technology, it’s easy to reap the benefits on all of your devices.
Cylance® is a member of the Microsoft Virus Initiative and CylancePROTECT registers with the Microsoft Windows® operating system as an anti-malware solution.
PCI-DSS SECTION 5 COMPLIANT
Legacy application control systems require a separate product or component to maintain PCI compliance. CylancePROTECT+AppControl can be used to lock down fixed-function devices and comply with PCI-DSS.
FULL SUPPORT FOR AIR-GAPPED NETWORKS
CylancePROTECT supports disconnected/air-gapped networks and is the best solution for sensitive systems like ICS, which cannot be directly connected to outside networks such as the Internet.