At the Cutting Edge of Zero Trust: Announcing Seven Enhancements to CylanceEDGE

That’s why BlackBerry has been working hard to make zero trust simple and available. In fact, Forrester recently named BlackBerry a “notable zero trust platform vendor” in the advisory firm’s Zero Trust Platforms Landscape report (an honor bestowed to only 29 vendors in a very crowded cybersecurity market). We’ve developed a best-in-class zero trust platform designed to address outcome-driven use cases — even for organizations that may have skill gaps, resource constraints, or budget limitations.

The right partner delivers more than just a “point solution.” They can help you:

• Identify and mitigate security risks
• Implement and manage solutions
• Respond to dynamic threats and active incidents
• Meet unique operational challenges
• Support productivity for employees and contractors, anywhere and everywhere

How BlackBerry Simplifies Zero Trust

BlackBerry recently announced its latest zero trust innovation, CylanceEDGE™, helping organizations of any size enable secure work from everywhere. CylanceEDGE provides users with secure, fast, and effortless access to their work. The platform streamlines connectivity for applications hosted anywhere, and offers innovative features like single-click setup for nearly 50 of the most popular SaaS (Software-as-a-Service) productivity tools, including Microsoft 365^® and Google Workspace™.

CylanceEDGE makes it easy to improve collaboration and security for hybrid workforces and offers transformative capabilities to help future-proof your organization’s cybersecurity programs. It also enables secure connectivity for applications hosted on AWS Cloud, improves visibility of how sensitive data is being stored, accessed, and shared, and it delivers enhanced zero trust threat detection capabilities.

This technology is critically important to address core and expanded use cases essential for businesses to stay ahead of the latest threats.

Seven Enhancements to CylanceEDGE

BlackBerry is continually investing in its zero trust platform to meet tomorrow’s cybersecurity challenges. This allows businesses to progress beyond legacy solutions, like VPNs, and democratizes access to enterprise-grade security tools.

Our latest enhancements include:

• Safe Mode for Windows: This allows admins to set the endpoint agent default to "Safe Mode" when the user has not enabled "Work Mode." This is important because Safe Mode provides safe browsing at all times, prevents users from connecting to destinations with poor reputations, and denies traffic not permitted by the ACL (access control list) rules — even when Work Mode is not enabled. 
• Operating System-Specific ACL Support: With CylanceEDGE, admins can easily create rules and specify access controls based on the endpoint’s operating system. This feature enables administrators to limit access to sensitive resources and/or have ACL rules based on the type of device requesting access (for example, only allowing access to desktop devices running Windows^® or macOS^®).
• Split DNS Tunneling with Local DNS Lookup: DNS lookups for the domains listed in the “Private Network > Forward Lookup Zone” configuration are performed through the tunnel where network access controls are applied. All other DNS lookups are performed using local DNS, and the resulting traffic is routed according to the split-tunneling configuration. This feature lets you quickly identify traffic that does not use the tunnel or BlackBerry infrastructure. Initially, this feature does not have a UI (User Interface) component and is available upon request.
• HTTP Content Logging: In the ACL rules, you can specify whether network events should display unencrypted, plain-text HTTP connection data. When enabled, a summary of an event's request and response details are displayed on the Events Details page. This feature allows unencrypted HTTP network traffic to be analyzed more deeply while enabling threat hunting.
• View Network Events in the Alerts View: Events are now integrated on the alerts screen to better facilitate triage and hunting. This also reduces the friction in analyzing alert signals across all integrated products, while improving analyst efficiency within all tiers.​ The alerts screen will display DNS tunneling, reputation, signature, and zero day events with a high-risk level — or those blocked by your network protection settings. CylanceENDPOINT™, our self-defending endpoint security solution, processes and groups the events to optimize your threat-hunting and resolution activities. This feature lets you view all your security products in a unified way to better correlate information and speed response to potential threats.
• Support for Multiple Private Network Configuration: This allows access to multiple private networks, including segments, data centers, virtual private clouds (VPCs), and more — in an on-premises and/or cloud environment. This feature lets you deploy multiple CylanceEDGE ZTNA (Zero Trust Network Access) connectors from one UES tenant, and provides an aggregated view of the connectors for each private network.
• Improved Control of Network Traffic Settings and Configurable Reporting: The updated network protections settings introduce more granular controls. This includes control over the detections that you want to protect against (e.g., to block or only detect anomalies such as destination reputation), the details that you want to report and display on the events pages, and the items you want sent to the SIEM solution or syslog server, if configured. This provides greater flexibility for administrators, and enables them to simplify operations and streamline access to relevant data for greater ease of use.

Source