We just raised a $30M Series A: Read our story

Blackberry Protect OverviewUNIXBusinessApplication

Blackberry Protect is #16 ranked solution in endpoint security software. IT Central Station users give Blackberry Protect an average rating of 8 out of 10. Blackberry Protect is most commonly compared to CrowdStrike Falcon:Blackberry Protect vs CrowdStrike Falcon. Blackberry Protect is popular among the large enterprise segment, accounting for 45% of users researching this solution on IT Central Station. The top industry researching this solution are professionals from a computer software company, accounting for 26% of all views.
What is Blackberry Protect?

BlackBerry® Protect is an artificial intelligence (AI) based endpoint protection platform (EPP) that prevents breaches and provides added controls for safeguarding against sophisticated cyberthreats—no human intervention, Internet connections, signature files, heuristics or sandboxes required.

Blackberry Protect Buyer's Guide

Download the Blackberry Protect Buyer's Guide including reviews and more. Updated: November 2021

Blackberry Protect Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit

Blackberry Protect Video

Archived Blackberry Protect Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
AZ
Co-Founder, CEO at a tech services company with 11-50 employees
Real User
Nice management display, easy to install, and works satisfactorily for standard protection

Pros and Cons

  • "On the management side, we liked the way it displays things."
  • "It should provide more details about the events that they have detected."

What is our primary use case?

We are part of a startup company that is operating in the same domain as this solution, so we tested it as part of the competition.

What is most valuable?

On the management side, we liked the way it displays things.

What needs improvement?

The downside is that the information displayed is not enriched enough. There was not much information available, that we could see. It should provide more details about the events that they have detected. There should be more information available post-incident. Basically, the user is informed that they have caught a threat, stopped it, and that's it.

Users want to know what the threat was, the type of attack, how it got in, which IP address, did it go into lateral movement, etc. The kind of information that could be analyzed by IT experts to take forward and understand whether the attack is continuing, or not. They have some of this information but compared to other products, it's basic.

For how long have I used the solution?

We tested this solution for about six months.

What do I think about the stability of the solution?

We did not thoroughly test its stability, but I can say that we didn't have any crashes or basic problems with it. In our tests, it did not crash, although we were focused on detecting threats as opposed to assessing stability.

What do I think about the scalability of the solution?

We installed this solution for five users.

How are customer service and technical support?

We did not contact technical support.

How was the initial setup?

The initial setup and installation of this solution are quite straightforward. Just download from the management console and install it. It's easy.

What about the implementation team?

We performed the installation ourselves.

Which other solutions did I evaluate?

We have evaluated many products. In fact, we tested most of them for our purposes of developing our own. Because we did a competitive analysis, we are keeping most of the information private. However, I can say that SentinelOne, CrowdStrike, and Carbon Black give you a lot more information than Cylance.

The majority of the leading solutions are quite good, and it's a tough market. For normal people, it is difficult to see the differences between them.

What other advice do I have?

The lack of details for the user is partly because of the way they detect. it is done passively, rather than dynamically, so they don't have a lot of information about the things that they already caught.

The suitability of this solution for any particular person will depend on their expectations. I would not rate this solution in the top five for things like presenting information, or ease of use. For standard protection they are ok, but if you have advanced demands, or a SOC, then I don't think that Cylance can compete with Carbon Black, CrowdStrike, or SentinelOne.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
SA
Wirtschaftsprüfer, CPA, Steuerberater at a financial services firm with 11-50 employees
Real User
Doesn't consume too many system resources

Pros and Cons

  • "The solution is stable."
  • "The solution needs better dashboards that are easier to use."

What is our primary use case?

We use this product as our antivirus solution.

What is most valuable?

The most valuable feature is that it's quite small, and does not consume too many system resources.

What needs improvement?

Improvements could be made on the user interface of the console. Also, right now it's just an antivirus and there's no firewall or anything. So we have to use the Windows firewall. It's a good firewall. But I think other companies have integrated products.

The solution needs better dashboards that are easier to use. Also, a better user interface. Maybe even firewall integration of some kind. It would be helpful if you could see which threats have been detected, and have more information about what is going on.

What I'm missing is a backup. In Norton, there was a backup included. In Cylance there is no backup, or at least no backup for the relevant system, programs, or software parts.

For how long have I used the solution?

I've been using the solution for two months.

What do I think about the stability of the solution?

The solution is stable. It was no problem. All went quite well. There are no bugs or freezes.

What do I think about the scalability of the solution?

Adding other computers wasn't a problem. Just send them the link and it works. We have about ten users.

Which solution did I use previously and why did I switch?

Previously, we used Norton. We switched because Norton was very, very, heavy on consuming system resources. The computer itself was very, very slow and buggy. It took a lot of time for backup and things like that. 

What's my experience with pricing, setup cost, and licensing?

We would just add more if there are new users, but right now you just need one license for per user.

What other advice do I have?

You just have to download it from the Cylance website, so it's pretty easy. You have to be careful because if you have more firewalls you have to buy a separate product and the question is: How does it work with the firewall from a different vendor?

There should also be backup capability included.

I do, however, recommend the solution. I would rate this solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Learn what your peers think about Blackberry Protect. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,382 professionals have used our research since 2012.
TR
IT Manager at TIGRA gmbh
Real User
A quick installation process but security scripting needs improvement

Pros and Cons

  • "The solution is pretty easy to scale."
  • "The security scripting needs improvement. It needs deeper security for scripting."

What is most valuable?

The quick installation would be the most valuable aspect of this solution. The interface is also not too bad.

What needs improvement?

Security is an issue because they don't get Powershell. They scan the usual software and they don't scan deeper. The security scripting needs improvement. It needs deeper security for scripting. 

Also, more speed, less RAM, and less CPU.

For how long have I used the solution?

I've been using the solution for 6 weeks.

What do I think about the stability of the solution?

The solution was stable. We have just ten test users from different departments.

What do I think about the scalability of the solution?

The solution is pretty easy to scale.

How are customer service and technical support?

I'd rate technical support as medium, because they couldn't answer everything we asked.

What other advice do I have?

We decided to switch to a different platform because we got the EDR and the scripting solution tool in one box. It was an end-point solution, so a scripting solution, plus cybersecurity.

For basic security, I would recommend Cylance. For advanced security, I wouldn't.

I would give the solution a rating of 6 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
BN
Software Engineer at a tech services company with 1-10 employees
Real User
Streamlines vulnerability data and makes it a lot easier to access and sift through it

Pros and Cons

  • "It handles situations that the other threat management tools wouldn't find. It has worked well covering the weaker sides of the other products that we're integrating."
  • "I would like to see a better UI in terms of sifting through more specific data and providing analytics. A little bit more would be nice."

What is our primary use case?

Our primary use case is threat analytics and log management.

How has it helped my organization?

It streamlines the data and makes it a lot easier to access and sift through. The solution has also helped us a lot in terms of making threats a lot more obvious with our correlation manager. I estimate it has saved us 20 percent of what was our mean time to detect and respond to threats. It has also helped increase staff productivity.

We do vulnerability detection for our product's security and Cylance allows us to make our assessments a lot more accurate.

What is most valuable?

The vulnerability management is the most valuable feature of this solution.

What needs improvement?

I would like to see a better UI in terms of sifting through more specific data and providing analytics. A little bit more would be nice.

What do I think about the stability of the solution?

It works really well.

What do I think about the scalability of the solution?

We use it for really small cases. In terms of scalability, I have no opinion on it. It works on a small scale for us.

How are customer service and technical support?

We've had pretty positive responses from technical support when we have reached out to them for assistance.

Which solution did I use previously and why did I switch?

We went with this product because we were integrating a bunch of other vulnerability threat management solutions. It handles situations that the other threat management tools wouldn't find. It has worked well covering the weaker sides of the other products that we're integrating.

How was the initial setup?

The initial setup was pretty straightforward.

What about the implementation team?

We used an integrator for the deployment. Our experience with them was fine, smooth. It worked, integrating it with our VMs.

What's my experience with pricing, setup cost, and licensing?

Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees.

Which other solutions did I evaluate?

My co-worker planned out what threat tools we needed, and Cylance was one of them.

What other advice do I have?

It works well and covers a good number of the bases you need covered for general cybersecurity and vulnerability management.

I would rate it a nine out of ten for great usage and really good customer service if anything goes wrong.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Eric Rise
Network & Security Engineer at a healthcare company with 51-200 employees
Real User
Top 5
Endpoints are protected in real-time without the need of a centralized server

Pros and Cons

  • "​Centralized dashboard online which can be used for managing a huge product."
  • "Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."
  • "Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue.​"
  • "Endpoints are protected in real-time without the need of a centralized server."
  • "​Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."

How has it helped my organization?

Rather than having to log onto a central server to manage the endpoint protection, I can log onto the dashboard to manage everything. No on-premise server required, chewing up resources needed for other tasks and projects. Endpoints are protected in real-time without the need of a centralized server, whitelist, or the ability to connect to a central host in the cloud. Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today.

What is most valuable?

Centralized dashboard online which can be used for managing a huge product. Anything I need done can be done from a single website.

What needs improvement?

Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment. It is not hard to decipher and add a global safe list, so you do not have to touch or adjust Clients on all endpoints. After you get passed the initial scan, it is clear sailing and very easy to manage and maintain.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues. I had heard of others having some issues early on with performance, but I never experienced any issues. When there is a problem, as administrators, we are notified promptly by Cylance of what the issue is, then they resolve it very quickly.

What do I think about the scalability of the solution?

Never an issue. I have deployed this solution immediately to endpoints of all flavors without issue: PCs, MACs, and servers. Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue.

How are customer service and technical support?

I would rate technical support as a 10 out of 10. I have never had a bad experience and very rarely have had to call them for any type of support for the product.

Which solution did I use previously and why did I switch?

I had just renewed a three year subscription to a very popular endpoint protection suite when I went to a Cylance roadshow and discovered how poorly protected my organization really was. Out of 10 real world live bugs, my endpoint protection, fully-patched, deployed in a best practice environment only stopped seven of them. Cylance stopped all 10, and every show I have ever been to, Cylance has won hands down without question. Many other products require your endpoints to connect to a central hub on-prem or are cloud-based, then soon as they lose that ability, those solutions fail.

How was the initial setup?

Very easy to deploy. It can be done one by one or deployed by customizing an MSI file for GPO push.

What's my experience with pricing, setup cost, and licensing?

Shop around for sure and be assured the price you pay will be close to other solutions available, but even at a slight mark-up from the other solutions, you are getting real endpoint protection versus nothing more than a cheap security blanket that might keep you warm at night. However, it is not actually protecting you from anything.

Which other solutions did I evaluate?

Reviewed these: SEP, Cisco, McAfee, and discussed Palo Alto options as well.

What other advice do I have?

Do your homework. Demo products to see how they will work within your environment and involve your end users. End users are key to testing these deployments and what their experiences will be with it. 

Above all, do not get hung up on price. You pay for what you get and expensive will hurt one time, where cheap will hurt forever, especially if you fall victim to a ransom attack, etc.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Andrew S. Baker (ASB)
Cybersecurity & IT Operations Professional (VirtualCxO) at BrainWave Consulting Company, LLC
Consultant
Top 20
The machine learning algorithm is able to protect systems against zero-day threats

Pros and Cons

  • "The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations."
  • "The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems."

How has it helped my organization?

My clients have not had to contend with time-consuming false positives, nor have they had to worry about zero-day attacks, even for systems which have been off the network for months.

What is most valuable?

The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations.

I am also quite impressed with its ability to protect systems against zero-day threats due to the machine learning algorithm, which powers its database. Databases, as old as 2015, are able to accurately detect 2017-era threats, such as WannaCry and other ransomware.

What needs improvement?

The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems.

For how long have I used the solution?

We have had this in production for four months across three clients.

What do I think about the stability of the solution?

We have had a few machines experience potential problems with the CylanceOPTICS supplementary agent, but we have not narrowed down the issue as of yet. That is a total of two machines across over 100 deployed.

What do I think about the scalability of the solution?

So far, no.

How are customer service and technical support?

Customer Service:

10 out of 10. Customer service has been very responsive (going through a managed provider).

Technical Support:

10 out of 10. Technical support has been stellar (going through a managed provider).

Which solution did I use previously and why did I switch?

Yes, I used and supported a previous solution, but changed, because of system performance impact, and management of the client-side activity databases. (The old solution had a slightly better GUI, but not enough to offset the other concerns.)

How was the initial setup?

The initial setup was very straightforward.

  1. Install agent on system, apply key, and device comes up in the portal.
  2. Automatically apply monitoring policy.
  3. Verify the baseline, and quarantine or whitelist all detected files.
  4. Apply active policy.

Also, the installation did not require a reboot.

What about the implementation team?

Implementation was conducted with support of the Managed Service Provider, who was top notch in their knowledge and support of the toolset.

What was our ROI?

We expect our ROI to be eight months, especially when taking into account the time spent with customers dealing with ransomware recovery over the past two years.

What's my experience with pricing, setup cost, and licensing?

The initial endpoint cost may seem a little high (~$55/device/year), but when you look at the total peace of mind that the solution of Cylance endpoint protection provides, with no reboots for updates, and negligible performance impact, it is well worth it.

Which other solutions did I evaluate?

We evaluated Webroot, Symantec, Sophos, and Barkly.

What other advice do I have?

We would encourage everyone evaluating endpoint protection solutions to run a 30-day pilot (minimum) in their own environments and with a representative set of devices. Be sure to test the management of the systems, including the policy management and whitelisting/exception management.

Disclosure: My company has a business relationship with this vendor other than being a customer: We have been using it on our own network, and now we have signed on to be a reseller of this solution through a Managed Service Provider. We believe the solution is *that* good.
ITCS user
Lead Systems Administrator at a energy/utilities company with 1,001-5,000 employees
Vendor
Does malware analysis. Blocks WannaCry and other attacks that have come out.

Pros and Cons

  • "Does malware analysis. Blocks WannaCry and other attacks that have come out."
  • "​It needs real analysis of quarantined files. The EDR product isn't showing much right now."

What is most valuable?

Does malware analysis. Blocks WannaCry and other attacks that have come out.

How has it helped my organization?

It lifted the burden on the helpdesk from having to keep computers updated with definitions and thus reduced the labor hours spent monitoring AV on endpoints.

What needs improvement?

It needs real analysis of quarantined files. The EDR product isn't showing much right now.

For how long have I used the solution?

We have been using this solution for one year.

What was my experience with deployment of the solution?

Some DLLs and in-house apps were quarantined. Alerting mode is the way to deploy this software for at least three weeks.

What do I think about the stability of the solution?

I did not encounter any issues with stability.

What do I think about the scalability of the solution?

I did not encounter any issues with scalability.

How are customer service and technical support?

Customer Service:

I would rate customer service as excellent.

Technical Support:

I would rate technical support as excellent.

Which solution did I use previously and why did I switch?

The previous solution had too many things to monitor and required dedication to fix corrupt definitions. These required manual transfers and sometimes helpdesk time on the endpoint to fix the incumbent product.

What about the implementation team?

We implemented it in-house with the help of the sales engineer.

What was our ROI?

The ROI is immense, particularly in less dedicated labor hours. The ROI was much more in terms of security, particularly when new security flaws have recently appeared. By virtue of having this software product, the C-level suite feels more secure, because IT does not have to start taking downtime to patch servers in a hurry.

What's my experience with pricing, setup cost, and licensing?

Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice.

Which other solutions did I evaluate?

We evaluated Palo Alto Traps and Carbon Black.

What other advice do I have?

Review the performance of Cylance over the next year and ask for a 60 day trial, not just a 30 day trial. Monitoring the growth of this company is very important to determine if the product remains at the level that is in today.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Blackberry Protect Report and get advice and tips from experienced pros sharing their opinions.