Cylance

Cylance is a cybersecurity company that provides artificial intelligence-based threat prevention, detection, and response tools for enterprise environments, with a focus on endpoints and identity-centric controls.

• AI-driven endpoint threat prevention and detection (endpoint security)
• Threat hunting, incident response, and Security Operations (SecOps) support (security operations)
• Identity and access protection for users and devices (identity security)
• Cloud-managed security platform and policy orchestration (security management)
• Security services and expertise aligned to enterprise risk reduction goals (security services)

More About Cylance

Cylance operates in the enterprise cybersecurity domain, focusing on Artificial Intelligence (AI) and Machine Learning (ML) techniques to prevent malware, ransomware, and other threats at the endpoint and identity layers before execution. Its tools are positioned for organizations that want to move from a purely reactive, signature-based defense model toward predictive and prevention-first SecOps across desktops, laptops, servers, and mobile and remote endpoints.

The company’s core technologies apply ML models to file attributes, behavioral signals, and contextual telemetry to classify and block malicious activity without heavy reliance on traditional signatures. In enterprise deployments, these capabilities are typically integrated with endpoint agents that enforce policies locally while coordinating with cloud services for centralized management, telemetry analysis, and model updates. This architecture is intended to support both online and offline protection, which is relevant in distributed or hybrid workforces.

Cylance’s platform aligns with common enterprise security frameworks such as endpoint protection platforms (EPP) and Endpoint Detection And Response (EDR), and can be positioned alongside Security Information and Event Management (SIEM) and Extended detection and response (XDR) workflows. Organizations often integrate its threat and telemetry data with broader security stacks to support incident response, threat hunting, and compliance reporting across on-premises (on-prem) and cloud infrastructure.

On the identity side, Cylance provides tools that monitor user and device behavior, apply risk-based controls, and help protect credentials and access paths. These functions map to identity security and zero trust architectures, in which continuous verification and least-privilege access are core design principles. By linking endpoint posture, identity context, and behavioral analytics, the platform seeks to reduce opportunities for lateral movement and credential misuse in enterprise networks.

From a marketplace taxonomy perspective, Cylance fits into categories such as endpoint security, identity security, threat analytics, and SecOps support. Its offerings are used by enterprises, public sector entities, and other institutions to strengthen defenses against malware, fileless attacks, and targeted intrusions, while providing security teams with tools for monitoring, investigation, and response. The company’s focus on AI-based prevention and centralized, cloud-managed control surfaces makes it relevant for organizations modernizing legacy antivirus deployments and aligning security architecture with current threat models and distributed IT environments.