How Cylance PROTECTs You
- Background Threat Detection: Scans files on the system, running in the background, and designed to consume a small amount of system resources. It is recommended to enable Background Threat Detection and Watch For New Files. If Watch For New Files is enabled, it is recommended to configure Background Threat Detection to Run Once. You need to check existing files one time only if you are also watching for new and updated files.
- Process Scan: Scans processes running on the device.
- File Watcher: Scans new and updated files for threats. Because this feature only looks for new and updated files, it is recommended to use Background Threat Detection set to Run Once. Background Threat Detection scans all files on the device.
- Execution Control: Analyzes running processes only. This includes all files that run at system startup, that are set to auto-run, and that are manually executed by the user.
Analysis: How files are identified as malicious or safe.
Infinity Engine: The CylancePROTECT Mathematical Model in the cloud and is used to score files.
Local: The CylancePROTECT Mathematical Model included with the Agent. This allows analysis when the device is not connected to the Internet.
Action: What the Agent does when a file is identified as a threat.
Global: Checks policy settings, including the Global Quarantine and Safe Lists.
Local: Checks for files manually Quarantined or Waived.