We just needed something that was intuitive and easy to use. It had a good record for catching viruses in the wild and things like that.
We have the cloud endpoint solution, so it is cloud Malwarebytes or the cloud EPP.
Malwarebytes Endpoint Protection is delivered via Malwarebytes cloud-based endpoint management platform, is an advanced threat prevention solution for endpoints that uses a layered approach with multiple detection techniques. Malwarebytes Endpoint Protection employs multiple techniques to identify and defend against attacks at all stages of the attack chain using a highly effective mix of signature-less and matching-technology layers working both pre- and post-execution. Malwarebytes Endpoint Protection leverages our Linking Engine technology to remove all traces of infections and related artifacts - not just the primary threat payload. Its Endpoint Protection technology reduces the vulnerability surface, making the endpoint more resilient.
Download the Malwarebytes Buyer's Guide including reviews and more. Updated: October 2021
We just needed something that was intuitive and easy to use. It had a good record for catching viruses in the wild and things like that.
We have the cloud endpoint solution, so it is cloud Malwarebytes or the cloud EPP.
It is intuitive and easy to use. For the most part, it does a good job of catching things. It is good at stopping stuff. I did a couple of tests with a password cracker. I tried to load that on, and Malwarebytes didn't let me do that, which was pretty good.
It has a rollback feature that I haven't seen with any other company. If one of your endpoints are hit with mass ransomware, you could actually roll it back. I watched a demo of them do that, and it was pretty sweet.
The EPP solution lacks the sophisticated artificial intelligence required for automating reports and letting you know about things in real-time. It stops a suspicious activity in real-time, but it doesn't let you know in real-time. You have to look at a report, and then you find out that something is wrong. You have to manually kick off a scan.
With the Advanced EDR solutions, Malwarebytes has the ability to alert you in real-time, but they still don't do automatic remediation or quarantining of devices. That is something that you still have to do manually. So, the endpoint protection piece, which is just like their basic endpoint protection, lacks AI. For the advanced detection and response piece, there is an add-on that comes with it, but it still doesn't go far enough in terms of automatic remediation of viruses. It won't separate that virus from your network if something happens. You have to manually go there and do it.
I have been using this solution since 2016.
Its stability is fine. I haven't had any problems. The only thing is that it catches some of the programs as viruses. We have a program called Poll Everywhere that some of our staff members use, and Malwarebytes flagged it as a virus. Very often, we have to go in and update the hash on this particular software. Malwarebytes catches a lot of things like that. It is good I guess, but there are a lot of false positives.
It is easy to scale, but it depends on what your organization is. If your organization has a lot of PII and you are a large company, then you might want to look at a different type of solution. One of the reports that we got back for Malwarebytes said that it is too commercial, and it is for big businesses like law firms and stuff like that, and we should probably use something else, but that was it. Malwarebytes also had a bad report in third-party testing. This company tests a product against all these viruses in the wild, and apparently, it did pretty poorly in that.
Tech support is good. I haven't called them. You don't really have to call them because it is good at stopping stuff.
We switched to Malwarebytes from Sophos. Sophos provided good protection, but the customer support was just awful. We had to get away from them for that reason. Sophos also made it really difficult for even an admin to remove a product. Sometimes we had problems with the application, and we wanted to uninstall and re-install it, but it was just a nightmare trying to get that stuff off. It is a plus when you are trying to uninstall somebody's antivirus, but it is just hard for an admin who has a legitimate reason for going in there and removing it.
The initial setup was straightforward. In terms of the implementation strategy, the only thing that we had to do was to create policies to turn off Windows Defender. It is recommended that you don't have two antiviruses running at the same time. We did that with a GTO, and then we pushed out the software through group policy. It was a big process because we had Sophos. We had to get Sophos off the machines and then deploy Malwarebytes.
Its cost is around $60 a machine. The cost of the total solution for 250 people is about $8,500 a year. If we add EDR to it, it will bring that cost up to about $15,000. The cost for Carbon Black is about $25,000, which is $10,000 more, but you get all AI functions with it.
We evaluated Carbon Black and Trend Micro. We had a demo with Carbon Black. It is a really good solution, but it is expensive, and there is a learning curve associated with it,
We use a research company. We had a meeting with them, and they gave us an initial bad report with Malwarebytes. The researcher thought that we were this huge company, whereas we only have 150 employees. The same person wrote a report saying that Malwarebytes was good. The report they gave us at a meeting contradicted another report they gave us.
If you're a small company with less than 500 people, the Malwarebytes EDR solution is a good fit. It is also a good solution if:
If you have strict DOD regulations or something like that, you might want to look at Carbon Black and Trend Micro.
I would rate Malwarebytes an eight out of ten.
My job position is Cybersecurity Engineer. We use the solution as an EDR or endpoint detection response. As EDR is, it is not the primary endpoint protection as it can not control the risk. This product is working as behavior monitoring for the end users. These monitoring products are not controlling the endpoint. For controlling the endpoint, you can use EPP (Endpoint Protection) products like Symantec Endpoint Protection, Trend Micro Endpoint Protection, one that was called OfficeScan — now the updated one is called Apex One — or other strong endpoint protection solutions like Sophos Intercept X and so on. But Malwarebytes is just EDR. EDR is mainly for detecting usage behaviors. It is evaluation and it is not technically protection for the user environment.
The interface is not so bad. The dashboard actually is good. It is simple. But it is not able to produce simulated attacks.
I know of more than ten critical cases with clients which affect their use of the product adversely. We work with the Malwarebytes company a lot and have discussed the existing problems with the manager of Research and Development. He would not just say "You are right." But even though he knows that there are issues, there have been no changes in the results and improvements with the product even up until now.
I want to help secure the environments of the clients I work for. I want to benefit a lot of people, a lot of clients and a lot of users. I have specific things, technical details for each feature and each use case that I have worked on. But the company is not making the broader changes they need to in the product to make it an effective solution.
The most obvious problem is that basically the product comes up with a lot of false positives. This needs to be resolved.
There are other particular pain points with the current solution which have to do with the reporting and the problems with difficulty of installation. But these are still not the biggest problems for people using the product.
An additional feature I would like to see is a randsomeware roll back for 72 hours and for 100 GB of files. It is supposed to be a feature in the EDR to defend against randsomeware. But we cannot stop ransomware with EDR. We are supposed to be able to roll back the encrypted files. But it is a fact that, in production, we can not effectively roll back the ransomwares and encrypted files after this kind of attack. The company fails to say we can not go back. It is an important feature in these products and to the clients. But it is not effective.
I have been implementing this solution as a technical consultant in IT and I have implemented this solution more and more over time starting one year ago.
The product is not stable. It is not broken all the time but the stability of this solution needs to be improved.
They have not been receptive to our suggestions about the product and have not resolved the issues that we have reported in great detail.
We are currently looking for a new solution because I am not satisfied with the product or the effort of the vendor to meet the needs of users. I have gone through the trouble of making a table for competition analysis between various vendors to see how they compare and that includes several vendors of EDR solutions including Malwarebyte, enSilo, CrowdStrike, Carbon Black and SentinelOne. I think we will end up working with Carbon Black or CloudStrike. But the current solution with malwarebytes does not perform well enough to properly protect our clients.
I find that the setup and configuration are complex and difficult.
We are the ones who do the installations and implementation.
I have a lot of baggage with this product because of problems I have with the customers, the implementation, the configuration, the settings — it is very, very troublesome. There are various players on the course now. Some solutions may perform better.
I have had a bad experience with Malwarebyte in general. There are a lot of issues I have caught. I wrote these issues down to compile them and then I sent the information to Malwarebyte. Over some time, there was no improvement from the research and development or technical support from this vendor. I have only a few words about this product: It is not good yet. But they have also show almost no interest in improving it.
The proxy setting is a very nice feature. But, with that, you can not remove the proxy settings for the clients who are going out of the office for travel. You have to go to each laptop and write a manual cmd (command line) script to remove the proxy settings. It should not be done this way. It is just another example.
On a scale from one to ten with one being the worst and ten being the best, I would rate this product as a one-and-a-half. It is one of the worst products which I have ever used. If I have to choose a whole number it does not round up, it will round down to a one.
Malwarebytes is more of an Endpoint Protection Platform inside a NextGen AV solution. We use it to do, it does real-time protections, but our primary use for that product is compliance scanning. So traditional threat monitoring plus daily scans, full scan, system scans, etc. And it covers the signature and heuristics gap for us.
The fact that the agent is SaaS-based is a major improvement. So with COVID and the new permitter being the endpoint itself out in the wild, Malwarebytes allowed for protection and communication 100 percent of the time. So if it has an internet connection, we're connected and protected. So that was one of the biggest benefits. We were running Windows Defender before, which if an asset wasn't on VPN or went off-network, it was essentially out in the wind. We didn't know what was happening to it from an AV perspective.
Malwarebytes is easy to use. There's not a lot I like about it, but I will say that they have some of the best signatures out there. As far as traditional AV technology and detection solutions go, that's probably what I'd like about them the most. They have some of the best signature writers out there.
Malwarebytes is too simplistic. From a SOC IR perspective, it doesn't give you very much data around it. It doesn't tie things or provide SHA-1 and SHA-256 detection information, which makes it hard to do an additional investigation. It should give you more hash information, IOC-based information, etc. It also gives a lot of false positives. That's one of our biggest beefs.
I've been using Malwarebytes for three years.
The Malwarebytes agent has a design flaw that impacts performance. They built it on top of ClamAV, which is okay, but they run into some problems excluding certain locations or dealing with high-performance impact solutions. If you exclude it, then it's excluded completely, and you lose telemetry on it entirely. Again, we have experienced some problems with their agents breaking in their own update processes.
Scalability's fine. We never ran into any issues, and we're a large company with 17,000 users. So I think that Malwarebytes can scale just fine. But that's probably due to the solution's simple nature. The more data you're pulling back, the more complex it gets, which creates a greater load on the backend systems that they're hosting. However, Malwarebytes is pretty lean right now, so performance has never really been a problem from a console perspective.
I'd say that Malwarebytes support is fine, but they lack maturity when it comes to enterprise-class security solutions.
We were running Windows Defender, but we switched to Malwarebytes because it is a cloud-hosted SaaS solution that is as effective on the cloud as it is on-prem.
Straightforward. We're a very large environment, so it took us a couple of days, but technically, you could begin deployment almost immediately. As is the case with any AV product, you have to fine-tune it to deal with false positives and performance issues. Aside from that, the deployment itself can be done very quickly. You can use SECM, PDQ. They even have their own deployment tool that you can use. It's pretty easy to get it out there.
We did the implementation ourselves. My security department partnered with our patch management and asset deployment team. We gave them the packages and the switching, then they began deployment from there. It doesn't need a lot of maintenance. About three people should do it. Whoever deployed the solution will occasionally need to redeploy or fix an agent. You also need one or two frontend security staff to operate it.
I would say that it's affordable. It costs much less than Sentinel One, CrowdStrike, or anything of that nature. But, at the same time, you are getting what you pay for. So I would say it's one of the best when you're comparing traditional NextGen AVs like Webroot that aren't the best in the bunch. McAfee and some of those other ones bring a lot more different options to the table. But if it's just straight AV technology, I would put Malwarebytes at the top of the heap in terms of value for the money.
I would rate Malwarebytes eight out of 10 if I'm judging it by the standards of traditional endpoint protection or NextGen AV solution. When it comes to frontend protections, it has some of the best definitions. In addition, they do traditional signature and heuristic detection a lot better than Microsoft and some other players in that space. But if you're lumping it in with other EDR solutions, it's a zero.
If you plan to use Malwarebytes, I suggest utilizing its auto-patching mechanism as much as possible and aggressively keeping it up to date.
The solution is primarily used as a security feature that's very low-maintenance. We just put it in and leave it, and it actually defends us in a proper way.
We don't really keep track of any metrics that indicate how it improves the way our organization functions. It just protects us.
So far, the solution has done a good job of protecting us from malicious items, such as ransomware, among other things.
The solution is pretty easy to use.
The pricing of the product is very good.
The product is very easy to configure and set up.
The interface could be improved. Currently, you need to really dig around to find the elements you need. It would be ideal if they could make it easier to navigate. The minimalistic design could be better.
Mainly from an enterprise point of view, they could probably get involved a little bit more with the firewall aspect. That said, Microsoft is doing quite a good job in this area.
As long at they keep pace with the threats, we're pretty happy with them.
We've been using the solution for about three years at this point. It's been a while.
The solution is 100% stable. It'd very, very reliable. There aren't bugs or glitches. It doesn't crash or freeze.
There isn't too much scalability. It's got its console and you see all equipment within your organization on it. It does a little bit of network checking and that kind of stuff, however, actually, it is basically just an endpoint product.
We have a small company with about 25 users that are on it right now. That's it. Most of our clients are small to medium-sized companies.
I never used technical support. I've never needed it. Not for implementation, at least. I just took two courses online just to get to know the console a bit better and that's it.
In the past, we've used Norton as a security solution. However, that's it. We haven't used anything else. We decided to switch to better protect our endpoints.
The initial setup is not complex at all. It's quite straightforward, actually.
The deployments are pretty quick. It typically takes about five minutes per endpoint. However many endpoints you have will dictate how long it will ultimately take.
You don't really need too many people for deployment and maintenance. If the client buys only the endpoint, the client usually implements it. If they need to, they may request a consult. We usually do the implementation remotely on the local server or whatever computer they dedicate for it. There is also a web solution that you can just add a console to. You always enter via browser, however, you can have it local or on the cloud.
We did not use any integrator or consultant for the deployment. We were able to easily handle it ourselves in-house.
We have found the pricing to be quite reasonable.
The cost may be something in the ballpark of $20-25 a year per computer. There are no costs above the main licensing cost.
We did look at other options. However, we found this solution to be light on the endpoint computer. It does a great job of protecting against malware and it's cheap, which is quite important to the kind of clients we're working with.
We're resellers and customers. We use it in our organization and we also sell it. We sell the solution when we think it is the correct option for our client, and as long as a client doesn't come with a special request. Obviously, we sell what the clients want and what is in their best interest.
We're using the latest version of the solution. We're paying a subscription and therefore the updates are automatically added.
The product is great. It's straightforward and it does what we need it to do.
Overall, I would rate the product at an eight out of ten.
One of the reasons we use the solution is to protect the endpoints. Plus we are also using the EDR facility to protect servers and for emergency response. As for Malwarebytes, they will be able to help us track how the malware activities happened, which can help us in the restoration process. We haven't come across anything where we had to use these services or use the tool to recover anything. We haven't come to that yet.
Often, the customers had been compromised previously, and, due to that, we propose that solution to them. They like that tracking and restoration options are on the table if they get breached again.
The solution is very good at scanning.
It's a good product. It does the job.
It offers good protection. I haven't come across any issues so far, which I need to escalate.
The solution scales remarkably well.
We've had a good experience dealing with technical support.
We have noticed that when the solution is doing the scanning, all the scanning activities make the device heavier. It slows down your machine. Alternatively, sometimes when it's scanning the application fast, you find that your applications will be slow in response. If you compare it to, for example, Trend Micro, this slow down doesn't happen when you use that solution.
Basically, this solution seems to have issues with CPU and Memory. If you have got a good, high spec machine, then you won't feel it. If you go running SSDs and other stuff, you won't feel that performance issues. We have got customers in Fiji who are using 5,400 RPM hard disks, so they feel the pinch.
The solution is a bit expensive.
I've been using the solution for about two years at this point.
The stability is good. We haven't faced any issues so far.
The solution has a lot of scalability potential. If a company needs to expand it, it won't have a problem at all.
We've been in touch with technical support on a few deployments at this point. On a couple of deployments, we had some glitches where we were not able to deploy it on MacBooks. We hit a few walls dealing with iOS, and they were very good at helping us deploy the product.
We were lucky in that we had a contact that had an account manager, and they were great on the support side. They really helped us out.
We've been satisfied with the level of service we've gotten
We also work with Trend Micro, Symantec, and Kaspersky.
The solution was not complex to set up. It was pretty straightforward for the most part. We found it to be rather easy.
We typically connect with one of the techs and one of the account managers during deployments. The engineer we connected with was very knowledgeable about the product and made everything ever easy.
The solution really needs to look around at the rest of the market. They're slightly more expensive and it would be ideal if they were more competitive.
We're an official partner in Fiji.
We use both on-premises and cloud-based deployment models.
I'd recommend the solution to others. That said, I always recommend a POC is done first to see if it will properly fulfill a company's needs.
Overall, I would rate the product at an eight out of ten.
Our primary use case is as a tool that is effective protection for malware and includes automated remediation and ransomware rollback. I'm the executive director of the company and we are resellers.
From a business perspective, using Malwarebytes means we now have very few disruptions which save the company a lot of time. We previously had a lot of false positives that halted some of the services that impact certain departments. Because the solution is based on cloud, we were able to reduce management issues and the business was enhanced by the automated remediations.
This solution has a strong industry reputation in terms of its successful ransomware shut down operations. I value the complete visibility it offers and the ease of use. From our experience, it provides 100% visibility and detects hundreds of infections. With other similar solutions, the remediation can take some time but with Malwarebytes, it's a lot quicker. As a result, it provides a good user experience in the sense that downtime is significantly reduced. We use the solution extensively.
I'd like to see increased efficiency in terms of detecting false positives because we sometimes have cases where detections are repeated despite requests for them to be identified as false positives. It creates a problem for our security department and is annoying to deal with. Once you mark it as a false positive that should be it.
It would be helpful if they were to introduce more flexibility in terms of cloud management because there are certain things that could be more granular or specific. It sometimes lumps three or four cases into one group.
I've been using this product for a year.
We've been running the solution for over a year and it's quite stable. Performance is excellent. We haven't had any degradation or performance issues. We have a maximum of two network administrators dealing with maintenance.
We have close to 600 end clients, devices, and haven't had any issues with scalability. We'll extend use as needed. We were told that even with double the number of users there won't be any issues.
From the perspective of our technicians and engineers, the support was very good. We are rating it in comparison to McAfee and CrowdStrike, where we felt the support was not as forthcoming.
We still use CrowdStrike, although to a much lesser degree because it's less effective in resolving problems. Likewise with McAfee protection, where we had issues with service quality that interrupted our business.
The initial setup was straightforward and transparent. It took just a few hours and was deployed by our in-house IT people.
It's worthwhile doing a case study and testing the solution in your environment and comparing results between different products. We have a lot of virus spyware exploit samples that we keep just for testing purposes, and we use the same consistent standard to test it. In our case, the result was that Malwarebytes came out on top of the others.
Malwarebytes isn't yet perfect for a lot of endpoint solutions. From a cloud-based management perspective, there are still issues with endpoint isolations and automated remediations. It requires some fine-tuning even though it comes out on top in terms of performance.
I use Malwarebytes as a backup, an alternative antivirus if you like.
I like the solution's ability to detect potentially unwanted programs. For some reason, it seems superior to other solutions, or at least in comparison to McAfee.
I kind of like what they've got. It's relatively easy to use. The console's pretty good. The reporting is pretty good as well. In fact, arguably the reporting is better than McAfee.
The pricing could be improved.
In terms of general improvement, I can't think of any features that are lacking. It's a pretty solid solution.
If they want to compete with bigger players, they should consider adding items like threat detection and website warnings.
I've been using the solution for two years now. It hasn't been too long.
The stability of the solution is quite good. I've never had issues with it in that regard. It doesn't seem to have bugs or glitches. It doesn't crash or freeze.
The only bug I've even noticed works in my favor. The updates work. However, the side-benefit to updating is whenever I do an update they actually give me another 30 days of the full license for trial as there seems to be a bug in their solution. That means that it doesn't recognize when you've already had it. It says, "Oh you've got an update. Oh, you get 30 days free trial again." That's fine. That's a nice bonus.
The scalability of the solution is good. A company shouldn't have issues scaling it.
I also use McAfee as well. I use them both and scan using both of them to compare results. I find that Malwarebytes typically picks up things McAfee misses.
McAfee tends to hide the details for me and when it detects something and so quarantines it, McAfee just points you to the website, and usually the links they point you to are wrong and don't actually tell you what's going on. Malwarebytes at least says "this is what this is and we got rid of it for you". It's very specific
The initial setup is very straightforward. It's not complex. You just install it and you are good to go.
There isn't too much maintenance needed on the solution.
I've never had to contact technical support in the past. I can't speak to their responsiveness or general knowledge.
I'm just a user and a customer. I don't have a professional relationship with the solution.
I'm using the latest version of the solution. I've lost the real-time scanning, so I use McAfee for that. I use Malwarebytes as a backup, an alternative antivirus. If I think my system's got something wrong with it, I'll scan it on McAfee, and then I'll scan it on Malwarebytes as well. There's a difference.
I commonly recommend Malwarebytes to people due to the fact that I find it quite reliable.
All things considered, I'd rate the solution eight out of ten. It's not like the big boys - the TrendMicros, Symantecs or CrowdStrikes. It doesn't necessarily compete well in those market areas.
One of our clients right now is using Malwarebytes for their endpoint security, and they were part of a security assessment we ran. This organization was hit by ransomware and therefore getting a solution specifically that addressed ransomware was of primary importance.
The solution was successfully deployed and so far has been able to stop all ransomware attacks, which has been extremely beneficial to the organization. The IT manager is also able to manage the solution easily. Our observation is that the company is getting the updates as it should be and it's functioning successfully.
The solution has a good management interface.
The fact that we are able to successfully deploy it on all the endpoints and the client has not had any recurrence of a ransomware event has been very good. It means that it's doing what it's supposed to do.
Overall, I haven't found any ways the solution lacks in features or usability.
I've been using the solution for two years.
Our impression is that the solution has a good reputation for stability and is a good choice. Sophos is our number one partner, however, we find that working with Malwarebytes is also fine. We would have no objections to somebody making the choice to use it.
The solution scales up just fine, especially for mid-tier organizations.
I can't comment on technical support. It's probably fine, however, I don't think we've ever engaged with them.
The initial setup was not too complicated. It deployed easily. I don't think there were any difficulties around implementation. The client actually did it before we were involved with them, so it must not have been too difficult.
The organization wasn't large, so the deployment only took about two to three days. It wasn't too lengthy. It went pretty quickly.
In terms of maintenance, one person can handle the job easily.
In terms of licensing, the solution is certainly comparable to other choices. I would say they're comparable to Sophos or Symantec among others. They'd be very close to each other price-wise. I don't think they're cheaper; I believe they're at a similar price point.
I'm not really totally familiar with all of their licensing choices, so I'm not sure if there are costs over and above the standard licensing fees.
We've never resold Malwarebytes. We've just worked with customers that had already begun using it.
This is one of the best solutions for ransomware.
It deploys as one would expect, and it manages as one would hope.
It's perfectly fine for small to mid-tier organizations and I would say that it works as advertised.
I'd give them an eight out of ten. Sophos Intercept X is probably technologically more rigorous and it has some technical advantages for Sophos users in that that it can integrate with the firewalls and have incident response capabilities. However, Malwarebytes is perfectly fine on its own.