Dell partners with Cylance to add APT prevention technology to Dell Data Protection solution

Dell adds Cylance’s artificial intelligence-based technology, which has a very high success rate in stopping malware from executing, to its Dell Data Protection endpoint security solution.


Brett Hansen, Dell’s Executive Director of Data Security Solutions

Dell has announced a partnership with Irvine CA-based startup Cylance which will see Cylance’s technology, which uses artificially intelligence to proactively prevent advanced persistent threats (APTs). Cylance’s technology will be integrated into the Dell Data Protection endpoint security solution.

“Dell Data Protection has unique encryption capabilities, and the opportunity we are pursuing is how to protect end users from APTs,” said Brett Hansen, Dell’s Executive Director of Data Security Solutions. “Traditional forms of malware protection are incapable of keeping up with this threat environment. So we decided to look for a partner on the threat protection side of the house.”

Hansen said Dell was looking for three key factors in a partner here.

“First, we were looking for someone who used a lightweight local agent,” he said. “We didn’t want to be dependent on an Internet connection or cloud based services, and we didn’t want a repeat of the problem of signature-based malware, where you have a big, giant, ugly file that drags down system performance. We also wanted something that doesn’t require a lot of updates.”

Secondly, Hansen said they wanted a solution that prevents, rather than just detects.

“Cloud-based solutions have to be connected to be effective, but another key gap with cloud solutions is that they are about detection and remediation. They tend to reflect a doom and gloom prediction of you can no longer keep up, so try and minimize damage. That means endpoints, which Dell makes lots of, will be compromised and we have an issue with that. That’s not acceptable. We wanted something that would stop malware from executing.”

The third criteria is that the solution had to have a high degree of effectiveness.

“One of the biggest downfalls of sensor-based anti-malware today is that the effectiveness is very low against the clever kind of threats we are seeing today,” Hansen said. “Cylance on the other hand is 99 per cent effective, compared to the industry average of around 50 per cent.”

Cylance, which Dell invested in through Dell Ventures earlier this year, has been around for four years, and has had product shipping for a year and a half.

“They take a very novel approach,” Hansen said. “They understand the core characteristics of malware and the DNA of an executable, and based on millions of different variables, can tell in a fraction of a second whether a specific one is good or bad. Their technology is based on machine learning and artificial intelligence, and from their immense data set, they have come up with a logarithm that sits on their light agent and can determine whether an application is malicious or benign.”

Hansen emphasized that Cylance actually stops malware from executing.

“It’s not just that they just detect, it’s that they interrupt,” he said.

“Cylance is young and small, and at this stage their challenge is simply size and scale issues in reaching customers,” Hansen said. “Dell gives them that capacity.

Hansen indicated that Cylance is not well known in the channel, yet.

“They built their business from the beginning with a channel mindset, but the channel is still very small,” he said. “Cylance’s focus has been on large enterprises, who aren’t eager to publicize that they just bought a new piece of technology.”

Hansen said that the Cylance technology will be integrated into Dell Data Protection | Endpoint Security Suite Enterprise, and available to customers purchasing that in February 2016. It will be branded as ‘Powered by Cylance.’

“We will also have an OEM version of their offering available as part of the Dell portfolio, so it can be purchased as a true software solution sale, or added when you buy a commercial Dell PC,” Hansen added. “It is not focused on consumers today, nor on small businesses with under 25 seats, although we and our partners will sell it to SMBs, midmarket and large enterprises. You do need a server to administer it.”

Hansen said Dell expects this to be a significant and valuable relationship.

“We benefit from their technology. They benefit from our reach and ability to engage at a much smaller footprint than they have been. And it gives customers a very unique way of addressing threats that they have been challenged to deal with.”