Malwarebytes
Version: Malwarebytes 1.6.1.2997 and 1.7.0.3208.
Malwarebytes Endpoint Security integrates all of our industry-leading protection and remediation technology into one powerful solution. This solution combines advanced malware detection and remediation, malicious website blocking, and exploit protection in a centrally-managed platform scalable up to thousands of endpoints.
Netsurion Open XDR collects and analyses events and informs administrators about threat detection, scan details, and changes in the admin, client and policy modules.
Netsurion Data Source Integration for Malwarebytes allows you to monitor the following components:
- Operations – Management console user logon and log off, User password changed and User management.
- Security – Scan status and Threat detection.
- Compliance – Policy management, Group management and Client management activity.
Once Malwarebytes is configured to deliver events to Netsurion Open XDR Manager, alerts, dashboards and reports can be configured in Netsurion Open XDR.
The following are the key Data Source Integrations available in Netsurion Open XDR.
Alerts
Type | Name | Description |
---|---|---|
Security | Malwarebytes – Threat detected | This alert is generated when a malicious virus has been detected on a host. |
Reports
Type | Name | Description |
---|---|---|
Security | Malwarebytes – Scan status | This report provides scan details: last scan time, policy used, database updated time, database version, client version updated to and threat detected on the client machine. |
Security | Malwarebytes – Threat detection | This report provides threat detection details: threat detected time, threat name, threat type, threat scanned path, action taken, outcome and service name on the client machine. |
Operations | Malwarebytes – Management console user logon and log off | This report provides information about users logging on to and logging off from the Malwarebytes management console. It consists of the columns EventTime, Server Name, Admin User Name and Status. |
Operations | Malwarebytes – User password changed | This report provides information about user passwords changed by the administrator on the management console. It consists of the columns EventTime, Server Name, Changed By and User Name. |
Operations | Malwarebytes – User management | This report provides information about user management, where an administrator creates, removes, imports, enables or disables users from the management console. It consists of columns such as EventTime, Server Name, Changed By, Action and User Details. |
Compliance | Malwarebytes – Policy management | This report provides information about policy management, where an administrator creates, edits, removes, deploys, switches clients, enables or disables a policy. It consists of columns such as EventTime, Server Name, Admin User Name, Action, Client IP or Host Name and Policy Name. |
Compliance | Malwarebytes – Group management | This report provides information about group management, where an administrator creates, modifies or removes groups and moves clients to a different group from the management console. It consists of the columns EventTime, Server Name, Admin User Name, Action, Group Name, Client Host Name and Modified Group Name. |
Compliance | Malwarebytes – Client management activity | This report provides information about client management activity when an administrator performs the client push install activity from the management console. It consists of the columns EventTime, Server Name, Admin User Name, Client IP or Host Name, Action and Additional Information. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x and later, and with Malwarebytes.
Download the Integration Guide for configuration instructions and more information.