diff --git a/atomics/T1063/T1063.md b/atomics/T1063/T1063.md index d0cdc619..3b107073 100644 --- a/atomics/T1063/T1063.md +++ b/atomics/T1063/T1063.md @@ -41,9 +41,10 @@ Methods to identify Security Software on an endpoint ``` netsh.exe advfirewall firewall show all profiles tasklist.exe -tasklist.exe | findstr virus -tasklist.exe | findstr cb -tasklist.exe | findstr defender +tasklist.exe | findstr /i virus +tasklist.exe | findstr /i cb +tasklist.exe | findstr /i defender +tasklist.exe | findstr /i cylance ```

@@ -59,6 +60,7 @@ Methods to identify Security Software on an endpoint powershell.exe get-process | ?{$_.Description -like "*virus*"} powershell.exe get-process | ?{$_.Description -like "*carbonblack*"} powershell.exe get-process | ?{$_.Description -like "*defender*"} +powershell.exe get-process | ?{$_.Description -like "*cylance*"} ```
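Review bot: In the first hunk (the tasklist block), `tasklist.exe | findstr /i cb` is now a case-insensitive two-character substring match against the whole tasklist output, so it will hit any line that contains "cb" or "CB" anywhere, not only Carbon Black processes. Adding `/i` is right for `virus`, `defender` and `cylance`, but for this line it widens an already loose pattern. Consider a more specific string for that entry, in the way the PowerShell block spells out `*carbonblack*`, so a match on this line means something to whoever reads the test output.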
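Review bot: In the second hunk (the get-process block), the added `?{$_.Description -like "*cylance*"}` line filters on the process Description only, while the matching `findstr /i cylance` line in the tasklist block searches the tasklist output, which includes the image name. A process whose name contains "cylance" but whose Description is empty or worded differently will show up in one test and not the other. Consider matching on Name as well as Description here so the two blocks agree, and note in the test description which field each command inspects.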