Malwarebytes Endpoint Protection for Business review

Since 2008, global internet security company Malwarebytes has been producing products to protect home and devices from malware and other types of online threats.

From 2016 onwards the company has produced EPP products such as Malwarebytes Endpoint Protection. The main product page boasts that traditional EPP (Endpoint Protection) products aren’t working, so is Malwarebytes Endpoint Protection for Business really one of the best endpoint protection software?

Malwarebytes Endpoint Protection for Business: Plans and pricing

Malwarebytes offer a number of products for Endpoint Protection. The focus of this review is Malwarebytes EPP for Business (hereafter shortened to ‘EPP for Business’). 

EPP for Business pricing starts at $4.96 per device, per month for 10 – 99 devices. You can also contact Malwarebytes directly for a quote for coverage of 100 devices or more.

Malwarebytes EDR (Endpoint Detection and Response) costs $6.02 per device per month for 10 – 99 devices and includes more advanced features like behavioural analysis and 72-hour ransomware rollback. Malwarebytes also invites larger organizations to contact them directly for a quote for protecting 100 devices or more.

There’s also a server edition of both platforms, with prices starting at $8.85 per device per month for 1-20 devices for Business EPP for Servers.

Malwarebytes offer a free 30-day trial on their website to interested parties, who only need to enter a business e-mail to receive a download link. No credit card information is required.

Malwarebytes Endpoint Protection for Business: Features

Malwarebytes has released a detailed whitepaper on Business EPP replete with exciting terms like ‘Remediation-based Intelligence’ and ‘Multi-Vector Endpoint Protection’.

There’s also an excellent datasheet, which provides a bulleted summary of Business EPP’s main features. Chief amongst these is a very lightweight client, which is quick to download and set up. Management of endpoints takes place through Malwarebytes’ ‘Nebula’ cloud portal (more on this later).

The platform also claims to incorporate ‘web protection’ technology to protect endpoints from malicious URLs, scammer networks and malvertising. When we contacted Malwarebytes to request an evaluation of Business EPP for this review, they also suggested installing their free ‘BrowserGuard’ browser extension on our test machine, which is also designed to protect users from malicious links.

The aforementioned datasheet goes on to explain the platform engages in application ‘hardening’ to reduce endpoints’ , as well as behavioral-based analysis and blocking. The company claims this is also combined with ‘zero day’ protection which uses payload analysis to proactively block threats. 

Another point in Malwarebytes’ favor is that their machine learning isn’t entirely trained on malware but also focuses on ‘goodware’ – in other words they claim their platform is better able to recognize properly signed code from known, reputable software vendors.

These are all bold claims, so naturally we were eager to put Malwarebytes Business EPP through its paces.

Malwarebytes Endpoint Protection for Business: Setup

After speaking to a very helpful Malwarebytes employee we were graciously provided a download link for an evaluation version of the platform.

After quickly registering an online account we were logged in to the Nebula cloud console. Unlike other endpoint security platforms we’ve reviewed, this one actually came with an introductory video, showcasing the console’s main features. We were also helpfully reminded that we could visit this and other helpful videos via the dedicated ‘tutorial’ section.

If this weren’t enough hand-holding, Nebula next launches an onboarding wizard, which guides users through the process of accessing the ‘Download Center’ and selecting the appropriate agent software for the endpoint. (We were pleased to see that the big 3 of Windows, macOS and Linux are supported).

Having selected an MSI installer for our test machine, we were also delighted to see the console offers the choice between direct download (for single devices) or link sharing (for multiple devices).

Once the download was complete, the ‘Agent Setup Wizard’ lived up to Malwarebytes’ claims – not only was the file itself very lightweight but installation took under a minute. We were warned that the endpoint wouldn’t necessarily show up in the Nebula console right away but in practice this happened in seconds.

Malwarebytes Endpoint Protection for Business: Interface

On first login to the Nebula console without the assistance of any wizards, we visited the main dashboard to see that our ‘security score’ was still being prepared. Fortunately we were able to easily click into the ‘Classic’ view tab which showed less esoteric information like endpoint status, the number of detection events and detections by category.

Brute force (if any) are displayed on an impressive graphical world map and there’s also an excellent breakdown of endpoints by OS.

Users can hover over options in the left-hand panes to access options for other sections. This is extremely simple to follow and the choices are well laid out – for instance, hovering over the ‘Manage’ section offers the option of ‘Endpoints’ or ‘Patch Management’.

The ‘Configure’ section is useful for adding users and groups, as well as setting policies. The ‘Monitor’ section is also an excellent way to view events like quarantined files. From here, you can also click in to suspicious files to view more information. 

Malwarebytes Endpoint Protection for Business: Performance

When testing endpoint security platforms, our first test is always to try to download a fake computer virus, provided by the good people of EICAR.

We opened the Microsoft Edge browser on our test machine and were curious to see if the ‘BrowserGuard’ extension would have any effect on our experience. In the event, BrowserGuard didn’t interfere with us visiting the site that contained our test computer virus, which we then downloaded to the machine in compressed (ZIP) format.

Next, we extracted the fake virus into the ‘Downloads’ folder and attempted to run it. The Malwarebytes EPP client immediately sprang to life and notified us that it had quarantined the file.

Our next test was to try to copy a new, real computer virus that we’d caught in the wild to the test machine’s ‘Downloads’ folder. We do this to test if a platform is using behavioral analysis to detect suspicious files or just comparing them against a database of known threats. The file copied across successfully but when we tried to run it, it was instantly detected and quarantined by the Malwarebytes Business EPP client.

We were a little perplexed by the way that Business EPP responded to threats, as most other endpoint security platforms we’ve used employ real-time scanning. In other words, suspicious files are automatically quarantined before users have a chance to run them. However, the fact remains that the threats were neutralized before they could damage this machine, so we consider this test a success.

On logging in to the Nebula Cloud console, we immediately saw the alerts generated and the platform also sent us an e-mail for good measure in each case to say the threats had been quarantined. 

We attempted to set a new policy to see if we could make the platform more proactive about automatically quarantining suspicious files before they run but were told that ‘suspicious activity monitoring’ is only available for Malwarebytes EDR (Endpoint Detection and Response). Given that Business EPP was able to block a suspicious file based on its behavior rather than its signature though, the protection the platform provides seems to be adequate.

Malwarebytes Endpoint Protection for Business: Final Verdict

As readers have seen, we did have a “heart in your mouth” moment when viruses were copied to our test machines and the Malwarebytes EPP client seemed to ignore them but they were quickly neutralized when it mattered most, as we tried to run the files. You could even argue this is more efficient in terms of system resources, as quarantining only takes place when necessary. 

The Malwarebytes ‘BrowserGuard’ extension also didn’t seem to have any objection to us downloading a fake virus file, though of course there was no risk to the endpoint in that case. There doesn’t seem to be any support for mobile devices (although this may be provided by another product, ‘Malwarebytes Mobile Security’), nor is there a dedicated standalone firewall for clients. You also need to pay extra for Malwarebytes EDR if you need full protection from ransomware.

We mention these very small criticisms, as it’s clear that Malwarebytes Business EPP is otherwise a flawless platform. Unlike many other endpoint security solutions we’ve reviewed, the website has a clear pricing model for organizations with 10 – 99 machines.

The Nebula cloud console is an absolute pleasure to navigate. It effortlessly walks users through the setup process, including a wizard to install the endpoint client on machines. (Bonus points for the fact that the platform supports Linux.) The console shows just the right amount of information on devices and alerts, with more information just a few clicks away.

Although threat detection may work differently to other platforms we’ve reviewed, Malwarebytes Business EPP passed our tests with flying colors. Given there’s a free, no-obligation trial, organizations have absolutely nothing to lose by taking the platform for a test spin today.