BlackBerry launches BlackBerry Optics 3.0 and BlackBerry Gateway for ZTNA

BlackBerry Builds Out Extended Detection and Response (XDR) Capabilities

BlackBerry has launched BlackBerry Optics 3.0, its next-generation cloud-based endpoint detection and response (EDR) solution and BlackBerry Gateway, the company’s first AI-empowered Zero Trust Network Access (ZTNA) product.

Rooted in a prevention-first and AI-driven approach, BlackBerry says it’s new endpoint and network security capabilities will help differentiate BlackBerry’s extended detection and response (XDR) strategy.

According to Forrester, “XDR unifies EDR with other security and business tooling. EDR gives granular visibility and provides precise response actions for endpoints. However, it lacks visibility and response actions for other parts of the business, like non-endpoint related network telemetry, email behaviours, and cloud environments, leaving security analytics to pick up the slack. XDR provides needed visibility and control to other parts of the business through integrations that combine EDR data with other types of telemetry.”

The new cloud-native architecture and Advanced Query capability that underpins Optics 3.0 is integral to BlackBerry’s XDR strategy. With Optics 3.0, Edge AI threat detection and automated response capabilities execute directly on the endpoint device so an incident can be mitigated in near real-time. The resulting telemetry, alert, and forensic data gets stored in the cloud data lake along with non-endpoint related telemetry data. Security professionals can then query and analyse the multiple source of telemetry data to gain greater visibility and context into an organization’s security environment.  

BlackBerry Gateway

BlackBerry Gateway

BlackBerry Gateway marks the company’s entry into ZTNA for both SaaS and on-premises applications. Built with a “Prevent First and Protect First” approach, Gateway’s Zero Trust architecture helps organizations reduce network access risk by assuming every user, endpoint, and network is potentially hostile until identity is authenticated. As the company builds out its XDR architecture, Gateway would provide ZTNA telemetry data that would be added to the cloud data lake.

BlackBerry Gateway is a Zero Trust Network Access (ZTNA) solution that mitigates the additional security vulnerabilities created by supporting mobile and remote workers. Trying to pre-emptively verify and protect all possible combinations of home office technology before allowing it on the business network is not viable.

By implementing an AI-empowered Zero Trust framework, BlackBerry Gateway uses continuous authentication to ensure only secure and trusted devices access business resources. Every home office device or app may not be secure, but each one connecting to the business environment must prove their trustworthiness to receive access.

BlackBerry Gateway differs from a VPN in the way it grants access to business resources. A VPN authenticates to a network, offering successful attackers broad access to the environment. Instead, BlackBerry Gateway grants access to an app and offers no greater visibility into the network, drastically reducing the attack surface.

The continuous authentication capabilities of BlackBerry Gateway also differentiate it from the VPN approach. VPNs take a static approach to authentication and authorization. Once an entity passes the initial verification process, VPNs declare them safe for the duration of their connection.

BlackBerry Gateway continuously authenticates external actors. It looks at multiple factors, including user behaviour, device trustworthiness, and

“We are delighted to see our vision for an extended detection and response architecture take shape,” said Billy Ho, EVP of Product Engineering, BlackBerry.

“Traditional endpoint security alone is not enough to tackle the sophisticated threat landscape. Our end-to-end approach to cybersecurity is deeply rooted in Cylance AI and ML to provide enhanced visibility and protection against current and future cyberthreats.

As part of our XDR roadmap, we will continue to add new products and additional sources of security telemetry, such as user behaviour, identity, network, data, application, and cloud to the Optics 3.0 cloud data lake. This will enable data correlation, automated workflows, automated threat hunting, to enable more efficient and effective detection and response.”

BlackBerry Gateway, when integrated with the BlackBerry Protect advanced AI-powered endpoint security product, provides a comprehensive defence against threats targeting devices, networks, and user identity. BlackBerry Protect leverages AI to prevent known, unknown, and zero-day threats, while BlackBerry Gateway ensures business networks are only accessed by trusted and healthy devices.

BlackBerry Optics

BlackBerry’s a cloud-native BlackBerry Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. Their EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled. 

BlackBerry’s EDR approach is based on three pillars:

Cloud-Enabled Architecture

BlackBerry Optics applies all detection and response logic at the endpoint, and stores the resulting telemetry, alert, and forensic data in the cloud for off-line analysis.

Intelligent Edge AI

Artificial intelligence (AI), machine learning (ML), and context-driven threat detection rules identify security breaches and trigger automated responses that reduce mean time to detection (MTTD) and mean time to remediation (MTTR).

Deep Insight

BlackBerry Optics facilitates threat hunting and root cause analysis by providing analysts with seamless access to correlated and contextualized endpoint data.

BlackBerry Optics Capabilities

  • EDR Engine
  • Automated forensic events logging
  • Automated response
  • Custom detection rules
  • Integrated MITRE ATT&CK
  • Secure remote response
  • Private Network Visibility
  • Advanced Scripting Visibility
  • Deep Insight 30-day retention, included
  • Deep Insight 90-day, 365-day retention, available
  • Cryptomining detection
  • Audit logging

BlackBerry Optics 3.0 will be available in Q2’21 and BlackBerry Gateway is available in May 2021.

My Cart Close (×)

Your cart is empty
Browse Shop

Rapid Mobile

Rapid Mobile uses cookies, tokens, and other third party scripts to recognise visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.


By continuing to use our site or clicking I Accept, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalised ads and other purposes, as described more fully in our privacy policy.


You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.


Privacy Settings saved!
Cookie Services

We need your consent so that we and our trusted partners can store and access cookies, unique identifiers, personal data and information about your browsing behaviour on your device. This enables us to serve relevant content and advertising to you, and to improve the service that we provide to our readers. This only applies to we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site.

We track anonymized user information to improve our website.
  • _ga
  • _gid
  • _gat

Save my preferences