Malwarebytes Endpoint Detection & Response
Industry-Leading Protection & Remediation Technologies
Malwarebytes Endpoint Detection and Response is a cloud based single management console with multi-vector protection (MVP) the solution provides a seven-layered approach.
This product gives you a EDR solution without complexity by integrating multi-vector protection with detection and response capabilities via a single agent. It provides continuous visibility into endpoints and reduces the dwell-time of zero day threats. Unlike other EDR solutions, they don’t just alert, they fix it.
The Technology of Malwarebytes Endpoint Detection & Response
Malwarebytes Endpoint Detection & Response integrates Multi-Vector Protection with detection and response capabilities via a single agent. It’s multi-vector protection (MVP) uses a seven-layered approach, including both static and dynamic detection techniques, protecting against all known and unknown threat types. It provides visibility, reduces dwell-time of zero-day threats, and offers remediation options beyond alerts. Endpoint Protection & Response eliminates EDR complexity with intuitive endpoint monitoring, detection, and remediation.
Take a look at the product features tab to see a complete list of the protection and response layers with detailed descriptions.
Multi-Vector Protection
Malwarebytes Multi-Vector Protection (MVP) both static and dynamic detection techniques, to protect against all stages of an attack. The seven layers are web protection, application hardening, exploit mitigation, application behaviour, anomaly detection machine learning, payload analysis and ransomware mitigation.
Three Modes of Endpoint Isolation
Network isolation restricts which processes can communicate. Process isolation controls which processes are allowed to keep functioning. Desktop isolation alerts the end user and halts further interaction to limit damage. Malware is rendered incommunicado and remote attackers are locked out.
Flight Recorder
Continuously monitors and stores endpoint events in the cloud. Administrators can track file system events, network connections, process events, and registry activities. They can even view full command line details of executed processes on the endpoint – automatically displaying suspicious activity in cloud console.
Suspicious Activity
An added Suspicious Activity page in the cloud console displays suspicious activities on endpoints across the network.
Administrators can see the location, severity, affected endpoint, status, date and time, the detection rules that triggered for the detection verdict, and available actions—including the ability to view additional details, remediate/rollback an item, or mark an item as a false positive.
Ransomware Rollback
Administrators can expand protection by adjusting two options that trade off disk space for additional storage—rollback time and maximum file size.
Every change made by a process is recorded. If a process does ‘bad’ things you can easily roll back those changes to restore files that were encrypted, deleted, or modified. This provides administrators with the capability to roll back changes and restore files that were encrypted, deleted, or modified in an attack for up to 72 hours (default 48 hours).
Remediation Map
Click here to see a map that shows when Malwarebytes’ remediation products clean up malware on devices, as they’re happening around the globe, in real time. It’s also important to note that this map does not show remediation results for any potentially unwanted programs. Including these would more than double the number of detections.
For more information on Malwarebytes Endpoint Detection & Response please contact us.
You can also arrange a FREE online demo of the solution via WebEx with us where we can demonstrate how it works live.
Get in touch
Knowledgebase Articles
