Backtrack:  
 
showing posts tagged with 'cylance'
 
edited by on June 23rd 2021, at 16:17
Here's a list of common installation options for Cylance. Note that they can also be used with the Cylance Unified installation MSI. Replace <PIDKEY> with the tenant's installation key.

New tenant installation (so Cylance will be running in "learning mode" for a few weeks), where clients are using Windows Defender as the primary AV:

msiexec.exe /i "CylanceProtect_x64.msi" ALLUSERS=1 /qn /norestart /log output.log PIDKEY=<PIDKEY> LAUNCHAPP=1 REGWSC=0

Existing tenant (which is past the "learning period") or a new tenant where clients are using another (supported) anti-virus as the primary AV:

msiexec.exe /i "CylanceProtect_x64.msi" ALLUSE  ...
edited by on May 3rd 2021, at 13:36
Despite of Cylance being supported on macOS 11 Big Sur since build 1580, you may encounter an issue where Cylance would still show a red dot in its icon in the menu bar, and opening the GUI would still show this error message:

Driver Failed To Connect, Device Not Protected

To resolve this, you need to give the agent and the new Cylance ES Extension full disk access:



On macOS Catalina and earlier, Cylance used kernel extensions, providing full disk access via the macOS kernel. Because of the deprecation of kernel extensions and the subsequent introduction of the new system extensions mechanism introduced in macOS 11 Big Sur, you need to explicitly allow full disk access to the system ext  ...
by on January 1st 1970, at 01:00
When deploying Cylance for the first time in a new environment, best practice is to have it run in "audit mode" where Cylance detects but does not act upon it. Of course, this would not be very secure if you don't have another anti-virus in place. Starting from Windows 10 and Server 2016, Windows Defender is automatically installed and active if no other anti-virus product is installed. However, installing Cylance the regular way would result in Windows detecting the presence of Cylance and disabling most of the functionality of Defender. Luckily, you can workaround the issue by having Cylance not register as an anti-virus with Windows Security Center during the installation (or af  ...
 
showing posts tagged with 'cylance'