Vulnerability response for SMBs: The Malwarebytes approach

At Malwarebytes, we understand that small and medium-sized businesses find it uniquely difficult to respond quickly to vulnerabilities. Often, these organizations simply don’t have enough resources to keep up with the volume of patches.

The stakes are obviously high: According to Ponemon Institute, almost 60% of low-security maturity organizations suffered a data breach because “a patch was available for a known vulnerability but not applied”. 

At first glance, the solution to SMB patching challenges seems pretty simple. With increased automation and security staff, organizations can significantly reduce the time it takes to respond to vulnerabilities—and we all know that time is of the essence in the patching world.

However, most SMBs don’t have the budget to hire an IT team dedicated to patching. On top of that, automated patch management tools typically aren’t integrated into businesses’ security stack. That means IT teams can find themselves hopping from one security tool to the next, losing visibility, speed, and efficiency in the process. 

The Malwarebytes approach

How we approach vulnerability response at Malwarebytes directly reflects the pain points of SMBs, and it all starts with an intuitive user experience.

Intuitive

With Malwarebytes Vulnerability Assessment, IT teams can easily identify, classify and prioritize vulnerabilities in drivers, applications, macOS, and Windows server and desktop operating systems (OSes). 

Our cloud-native Nebula management console is easy to use and provides broad visibility across your attack surface, so you can rapidly identify security gaps and eliminate attack vectors.

The following information is displayed for each endpoint vulnerability.

  • CISA recommended: Shows whether the vulnerability appears in the CISA-managed catalog of known exploited vulnerabilities. If it does, the column provides a link to the vulnerability's entry in the CISA catalog.

  • CVE: Shows the CVE number as reported in the National Vulnerability Database. You can click on the CVE number to view additional vulnerability information and recommended remediation steps. 

  • Description: Description of the vulnerability and how it is used to exploit the application. 

  • Endpoint: Host name of the vulnerable endpoint.

  • Identified date: Date the vulnerability was detected on the endpoint.

  • OS platform: Operating system platform of the endpoint.

  • OS type: Type of operating system installed on the endpoint.

  • Severity: Severity level of the detected vulnerability. Severity is set using the CVSS standard. For more information, see CVSS Score System.

  • Vendor: Vendor name of the installed software which is vulnerable.

Effective

We use the Common Vulnerability Scoring System (CVSS) to automatically assess the degree of risk associated with detected vulnerabilities. From within the dashboard in our Nebula cloud-based console, users can see at a glance which endpoints are at risk and the projected degree of risk for each: High, Medium, or Low.

You can install available system patches with our Patch Management module. The following information is available for each patch:

  • KB ID: Knowledge base ID of the patch.
  • Description: Short description of the patch.
  • Category: Type of patch.
  • Endpoint: Host name of the endpoint.
  • Identified date: Date the patch was detected on the endpoint.
  • Size: Size of the patch.
  • Restart required: Requirement of a restart to complete installation of the patch.
  • Vendor: Vendor of the patch.
  • Patch: Name of the patch.
  • Severity: Severity level of the patch.

To apply a system patch, all you have to do is select all patches, or check the boxes for the specific system patches you want to install, and then click “Apply patch”. Done.

You can also install updates on outdated software programs. On our Software Inventory page, you can deploy software code revisions across OSes and a wide range of third-party legacy and modern applications, including Adobe, Chrome, and cloud storage apps (such as Box).  

In addition, with our advanced scheduling feature, users can pick and choose which applications to include in scheduled updates and which OS patches get deployed based on a combination of category and severity.

Inclusive

Not only do you gain instant visibility into potential vulnerabilities in your applications and operating systems, but you can do so all from the same platform you use for your endpoint protection.

Our VPM is built on the cloud-based Nebula security platform, making it easy to manage all your Malwarebytes solutions from a single platform: Malwarebytes Incident Response (IR), Endpoint Protection (EP), and Endpoint Detection and Response (EDR).

The Nebula security platform provides an intuitive guided user interface; next-generation threat intelligence; multi-layered security, including industry leading remediation; and easy integration with SIEM, SOAR, and ITSM solutions to simplify detection and response and resolve IT tickets with ease.

Intuitive, effective, and inclusive vulnerability response for SMBs

A combination of factors keeps SMBs from patching in a timely manner, but it can mainly be chalked up to a lack of automation and dedicated IT patching staff. In fact, vulnerability and patch management activities for most SMBs are either only partially deployed or not even planned or deployed at all.

That changes with Malwarebytes VPM modules

Our approach to vulnerability response is designed for SMBs that have limited IT staff and understand how valuable automation is in the patching process. Not only that, but our VPM modules are add-ons to the cloud-based Nebula security platform, making it easy to manage all your security solutions in a single pane of glass.


ABOUT THE AUTHOR

Bill Cozens

Content Writer

Bill Cozens is a content writer for the Malwarebytes business blog, where he writes about industry challenges and how best to address them.