Press Release

Cylance Introduces Threat Indicators to CylancePROTECT and CylanceV, Providing Context on Threats Before They Execute

Press + Media Contact
Cylance PR Team
Cylance Inc.

First to put a "virtual threat researcher" in a preventive product Rather than being reactive, Threat Indicators dissect malware before an attack occurs

Irvine, CA -- (October 27, 2014)  – Cylance, the first math and machine learning-based advanced threat detection and prevention cybersecurity company, today released Threat Indicators, a first-of-its kind feature for CylancePROTECT and CylanceV. The predictive malware Threat Indicators dissect, define and provide context around threats before attacks occur.

"Existing cybersecurity technologies are reactive, meaning they require that an attack executes successfully for it to then be identified, inspected, diagnosed and responded." said Stuart McClure, CEO at Cylance. "Cylance has developed the only pre-attack technology to successfully identify and dissect malware before it executes, mitigating the need to react with panic or heavy cost. The new Threat Indicators feature provides context around threats that a non-expert can understand."

Cylance has some of the industry’s deepest and most experienced threat researchers. McClure is the founding and lead author of "Hacking Exposed", which explains the mind of a hacker and the manners used to attack. With Threat Indicators, this expert knowledge is now broken down to a level non-experts can interpret with ease.

Threat Indicators are observations about an object that the CylanceINFINITY engine has analyzed. These indicators help users better understand the threats detected by Cylance. Used in conjunction with Cylance’s cloud lookups, Threat Indicators provide unparalleled visibility into both static and dynamic aspects of the malware like the ability to log keystrokes, replace the Windows Logon prompt (GINA DLL), file/registry modifications, network activity, and many other characteristics.

The inclusion of Threat Indicators within the management console of CylancePROTECT and CylanceV puts the power of a virtual threat researcher in the hands of any administrator. The intricacies and interconnections of computer code, hashes and remote calls are simplified into normal human language and logical categories. Administrators can easily see why certain malware on their computer or server is classified as malicious.

Threat Indicators are grouped into six categories: anomalies, collection, destruction, deception, data loss and miscellaneous. Each Indicator defines an area that is frequently seen in malicious software. Many represent capabilities of the included binary, while others represent attempts at deception. Each has been identified as a frequent and strongly indicative feature based on deep analysis of more than 100 million binaries.

There is no additional cost for Threat Indicators. To get more information on Cylance or its products and services, please visit

About Cylance® Inc.

Cylance is the only company to offer a preventive cybersecurity solution that stops advanced threats and malware at the most vulnerable point: the endpoint. Applying a revolutionary artificial intelligence approach, the Cylance endpoint security solution, CylancePROTECT®, analyzes the DNA of code prior to its execution on the endpoint to find and prevent threats others can’t, while using a fraction of the system resources associated with endpoint antivirus and detect and respond solutions that are deployed in enterprises today. For more information visit:

Cylance and CylancePROTECT are registered trademarks or trademarks owned by Cylance Inc. in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks are the property of their respective owners.

We use cookies to provide you a relevant user experience, analyze our traffic, and provide social media features. Read More