![Malwarebytes Endpoint Protection Malwarebytes Endpoint Protection](/uploads/1/2/5/4/125408436/145517950.png)
Just wondering if anyone here has encountered/implemented/used Malwarebytes Endpoint Protection.
Jun 15, 2017 - Malwarebytes Endpoint Protection includes an easy to deploy, scalable cloud platform that allows you to rapidly install, configure, and manage. The Malwarebytes Endpoint Protection installation process is designed to simplify the migration from other Malwarebytes products. Once the Malwarebytes Endpoint Agent is deployed to a machine it then registers to your cloud account, performs a cleanup of any older Malwarebytes clients currently installed, and begins installing your cloud protection modules.
I work for a technology consulting company/MSP dealing primarily with local SMBs. We've recommended and sold VIPRE Endpoint in the past but we're currently looking into implementing Malwarebytes Endpoint for some new customers.

Any feedback from you all? Is it worth implementing?
What are its strengths/weaknesses? How does it stack up to VIPRE/GFI, Symantec, Carbon Black, or the sea of other enterprise endpoint security offerings?
Recently moved my company to Sentinel One (from Symantec). I couldn't be happier with the product, it really is nothing short of fantastic, a far cry above and beyond other endpoint protection I have used in the past (Symantec, Trend Micro, Bitdefender).

I loved it so much, I tried to get it for a small business I do some side work for, however Sentinel One won't sell less than 100 seats (after the initial 100 you can buy in blocks of 5, but you can't get like just 10 seats). So unfortunately I couldn't use them, as the company is only 5 people.

Interestingly they do have 'sites' in the management interface, so I suppose if you were an MSP you could have several small 'sites' (your clients) and divvy up the licenses. I am just doing side work with this one client at the moment, so I can't justify the cost of 100 seats.

Have their cloud-based endpoint product deployed to around 20 PCs and servers. Easy to deploy, may require a .NET update and most will need a reboot.
Can define policies, scan schedules, exclusions, create groups and users. Also has sys logging and SSO functionality, neither of which I'm currently using. Canned reports can be on demand or scheduled, and are pretty general.
The dashboard is okay, serves its purpose but not a lot of wow factor. A couple 'would be nice' items is when in dashboard - endpoints window, if an infection is noted, would be nice to click 'infected' and go right to the results. Instead you have to click to a detection window and find it there. Still a bit slow in kicking off tasks. Also does some asset management stuff, like a list of installed software. To me that's fluff, as have an asset management program.
Overall, it's okay, certainly better than the previous 'on-prem' console that was server-based. Generally it's sufficient and does its job without much strain or fuss.

I have the on-prem version and the reports are worthless. Otherwise the policies are easy to configure and manage and I deployed the agent through a 3rd party tool without issue.

I've been trying to get their sales team to quote me for the cloud version but I can't seem to get their attention. Lack Management is a bummer. So is lack of Embedded OS support, but that's just a super extra bonus if it did. We also got a definition update that blocked our entire subnet so I needed to SneakerNet with a sheet of LAPS passwords to dozens of buildings to run a fix script.

Combined with latest SEP version without an issue.
Disclaimer: I work for Malwarebytes on this exact product. I'll try to stay as general as possible to avoid obvious issues.

I would recommend Malwarebytes for general use. If you are a medium or large sized company, the cloud console is a good solution for managing endpoints. To not get too hard on other companies, I used Symantec Endpoint Protection at an old company as a consumer and it was rather hard to use.

There's also a lot of cool features that come at a nice price tag (read expensive) that most people don't know about.
We have tons of names internally for it, but Endpoint Protection and Response is a pretty cool product. This might be some pride talking though since I have done a lot of work on it.

I don't work on this personally but there is also an Incident Response product that I hear about almost daily. I'm not very familiar with it though. We also have a repository of free tools somewhere that can be useful.

There's really exciting features coming in the future that are relevant here but unfortunately I can't talk about them since they are not released yet. Once they are released I am 100% going to be talking about it everywhere.

Probably the most important though is that everybody on the teams I work with have a SUPER strong sense of morals. Don't Fuck The Customer is literally a company motto and it's not just some cartoon character.
We regularly shut down decisions citing this.
Hello all!

We have been using a combo of Malwarebytes Anti-Malware, Cryptoprevent, and Symantec Endpoint Corporate Anti-Virus for our clients.

We would like to consolidate these by using the Malwarebytes Endpoint Security option - sold as a 'replacement for your AV' and includes ransomware protection.

So, question is. What's your opinion? Our client environments are all Windows clients, with Windows Servers that run as DC and file storage. Installing Malwarebytes Endpoint Security across all workstations and servers, some file and process exceptions to tweak any added slowness - good idea?
@brandon220 - Malwarebytes Endpoint Security is a combo of their Anti-Malware, Anti-Exploit, and Anti-Ransomware products. And adds a central management console for the workstations in the organization.

@Spartan117458 - I agree. A layered security approach is always the best approach.
However, I'm thinking if the Malwarebytes Endpoint Security gives really good and centrally managed protections on all machines, can the lower tier AV products (i.e. Windows Defender) be coupled with it and still provide a good solid protection plan? There is a ton of debate on the effectiveness of traditional AV, and I think that's because 'traditional viruses' are being abandoned for malware and ransomware (both of which seem well protected with this product).

Hi Blake, I know you're really looking for your fellow SpiceHeads advice here from their personal experiences and I know the knowledgeable Community will continue to jump in to help you find the best solution for your situation. I just wanted to see if you were open to looking into any other solutions for this? If you are I did want to let you know that it might be worthwhile to look into the solutions we have at SentinelOne to see if they might be a good fit.

Our is a certified that utilizes prevention, detection, and response in a single platform, with a low performance impact, all managed by our single cloud-based console.
SentinelOne offers protection against all forms of malware including forms of malware that traditional AV does not protect against. I did also want to mention that we recently released a.

As you mentioned, with the rapid evolution of cyber threats AV alone isn't always enough to prevent ransomware and other polymorphic malware. If you would like to you can learn more about our take on this in our recent a: Looking Beyond AV: Solving the Endpoint Protection Problem.

Now if you do think you might be interested in seeing if we could be a good fit feel free to check out a few demos to see our solution in action here:

I linked to some of the information above, but if you have any questions please feel free to reach out to me or Robert (SentinelOne) anytime! Wishing you the best of luck in finding the right solution to keep your organization safe :)

Blake2961 wrote: @brandon220 - Malwarebytes Endpoint Security is a combo of their Anti-Malware, Anti-Exploit, and Anti-Ransomware products. And adds a central management console for the workstations in the organization. @Spartan117458 - I agree.
A layered security approach is always the best approach. However, I'm thinking if the Malwarebytes Endpoint Security gives really good and centrally managed protections on all machines, can the lower tier AV products (i.e. Windows Defender) be coupled with it and still provide a good solid protection plan?
There is a ton of debate on the effectiveness of traditional AV, and I think that's because 'traditional viruses' are being abandoned for malware and ransomware (both of which seem well protected with this product).

Windows Defender is useful, only assuming you are using Windows 8 or newer. The version before Windows 8 is not a true antivirus solution. You would need SCCM protection for Windows 7.
It all depends upon your network and your specific business needs. Windows Defender is resource efficient but it lags in detection.
If ransomware is an issue, behavior based programs like Barkly and Sophos InterceptX along with a Next-Gen provider that is using machine learning helps. I like Malwarebytes exploit protection but I question their behavior based anti-ransomware product. Their traditional scanner is second to none in removing PUA (potentially unwanted application) or PUP (potentially unwanted programs).

Here is a recent ransomware sample to show what I mean by lagging.
The machine learning vendors identified the ransomware first, then the traditional vendors, lastly Microsoft added detection of the file. Microsoft really has let their antimalware solution go.

Personally, I am a Sophos fanboy. With the purchase of Invincea, Sophos will have an outstanding package of traditional, behavior based, and next-gen machine learning in a combined package, once the products are merged together.

I do not trust Malwarebytes yet as a stand alone, especially since Malwarebytes removes old malware from their database. Nothing like being hit by a 3 year old virus that literally every traditional AV vendor detects.
To me, that is a huge red flag. Do not get me wrong, I love what Malwarebytes does, I just would not trust it as a stand alone solution, at least not yet.