Threat Hunting: Open Season on the Adversary
Modern attackers are increasingly sophisticated in how they target and gain intelligence on their victims, and execute their cyberattacks. Malicious threats continue to penetrate network and endpoint defenses even though businesses have spent billions on bolstering their security stacks. And the time and effort required to respond to these incidents are lengthy, often taking hours just to remediate or re-image a single endpoint. According to Ponemon Institute research, malicious or criminal data breaches take an average of 229 days to identify and 82 days to contain. Now more than ever, businesses need to arm their security teams with the most informed telemetry and the best remediation.
Malwarebytes Incident Response is a threat detection and remediation tool built on a highly scalable, cloud-based management platform. It scans networked endpoints for advanced threats including malware, PUPs, and adware, and completely removes them. Malwarebytes Incident Response improves your threat detection and the time it takes to respond to an attack with the added benefits of scalability, flexibility, and automation.
Malwarebytes Incident Response is the first solution delivered via our new Malwarebytes cloud-based endpoint management platform. The Malwarebytes cloud platform reduces complexity, making it easy to deploy and manage Malwarebytes Incident Response, regardless if you have one or one million endpoints. Eliminates the need to acquire and maintain on-premises hardware.
Malwarebytes Incident Response includes a persistent agent (Incident Response) and non-persistent agents (Breach Remediation). This provides flexible deployment options for varying business IT environments. Easily integrates into your existing security stack while meeting your operating system (Windows and Mac OS X) and infrastructure requirements.
Pre-deploy Malwarebytes Incident Response on your endpoints so you have advanced threat detection and remediation ready at the click of a button. Integrates with your existing endpoint management, SIEM, and threat detection tools to automatically respond to incident alerts. Automating threat responses help businesses accelerate their incident response workflows while reducing attack dwell times.
Malwarebytes cloud platform – Dashboard
Malwarebytes cloud platform – Endpoints (Asset Management details)
Malwarebytes cloud platform – Threats
Malwarebytes cloud platform – Events
Malwarebytes cloud platform – Incident Response in policy
Breach Remediation – Windows
Breach Remediation – Mac
Forensic Timeliner – Windows
Fast, extremely effective threat scanning with on-demand, scheduled, and automated scan capabilities.
Signature-less technology that identifies and thoroughly removes all threat artifacts linked with the primary threat payload.
Highly scalable cloud-based management console provides easy, direct, centralized security policy management, deployments, user account creation, and threat reporting for all geographically distributed endpoints.
Delivers dozens of actionable endpoint system details to administrators’ fingertips including network interfaces, storage devices, memory objects, installed software, software updates, startup programs, and more.
Agentless, headless, lightweight tool that can be deployed using existing 3rd party tools, integrates with SIEMs and uses OpenIOC threat sharing framework to scan for threats throughout the network using Indicators of Compromise (IOCs).
Gathers event and log details quickly from more than 20 Windows log repositories and displays them in a chronological timeline view, enabling security teams to uncover what/when/how an endpoint was compromised, and where else the attack may have spread.
Malwarebytes cloud platform
Malwarebytes Incident Response (Windows)
Breach Remediation (Windows CLI)
Forensic Timeliner (Windows)
Breach Remediation (Mac GUI)
Breach Remediation (Mac CLI)
Email and phone support
CPU: 1 GHz
RAM: 1 GB (clients); 2 GB (servers)
Disk space: 100 MB (program + logs)
800x600 screen resolution
Active Internet connection
Any Apple Mac device that supports Mac OS X version 10.9.5 or newer
Active Internet connection
Supported Operating Systems
Windows 10® (32-bit, 64-bit)
Windows 8.1® (32-bit, 64-bit)
Windows 8® (32-bit, 64-bit)
Windows 7® (32-bit, 64-bit)
Windows Vista® (32-bit, 64-bit)
Windows XP® with SP3 (32-bit only)
Windows Server 2012/2012R2® (32-bit, 64-bit)
Windows Small Business Server 2011
Windows Server 2008/2008R2® (32-bit, 64-bit)
Windows Server 2003® (32-bit only)
Mac OS X (10.9.5 and newer)
Please note that Windows servers using the Server Core installation process are specifically excluded.