Responding to incidents when seconds matter
Malicious threats are increasingly sophisticated at evading detection. According to Ponemon Institute research, malicious or criminal data breaches take an average of 229 days to identify (dwell time) and 82 days to contain.
And the time required to remediate to these incidents is substantial, often taking hours just to re-image a single endpoint. Lengthy dwell time and time-consuming re-imaging seem inevitable to an experienced IT team. But are they? Malwarebytes Incident Response changes the equation.
Solving your remediation needs
Hunts and removes malware
Malwarebytes Incident Response scans networked endpoints for advanced threats including malware, PUPs, and adware, and removes them. Our proprietary Linking Engine removes all traces of malicious code, including related artifacts, and repairs damaged files. Improves your threat detection while reducing malware dwell time and eliminating the need to re-image.
Incident response automated
Pre-deploy Malwarebytes Incident Response on your endpoints so you have advanced threat detection and remediation ready at the click of a button. Integrates with your existing endpoint management, SIEM, and threat detection tools to automatically respond to incident alerts. Automating threat responses help businesses accelerate their incident response workflows while reducing attack dwell times.
Flexible deployment, integration
Malwarebytes Incident Response includes a persistent agent and non-persistent agents. This provides flexible deployment options for varying business IT environments. Easily integrates into your existing security stack while meeting your operating system (Windows and Mac OS X) and infrastructure requirements.
Malwarebytes Incident Response technology
Incident Response engine
Fast, extremely effective threat scanning with on-demand, scheduled, and automated scan capabilities.
Linking Engine
Signature-less technology that identifies and thoroughly removes all threat artifacts linked with the primary threat payload.
Multiple scan modes
Hyper, Threat, and Custom scan modes offer configurable, silent scans that won't interrupt end-users.
Breach Remediation
Non-persistent (agentless), lightweight tool that can be deployed and integrated with existing third-party tools, including endpoint management platforms and SIEMs. Hunts for malware and threats across networked endpoints with Indicators of Compromise (IOCs) using OpenIOC threat sharing framework.
Forensic Timeliner
Gathers event and log details quickly from more than 20 Windows log repositories and displays them in a chronological timeline view, enabling security teams to uncover what/when/how an endpoint was compromised, and where else the attack may have spread.
Tech specs
Malwarebytes Incident Response
Languages Available
English
Included Components
Malwarebytes cloud platform
Malwarebytes Incident Response(persistent Windows and Mac OS X agents)
Breach Remediation (non-persistent Windows CLI, Mac GUI, Mac CLI agents)
Forensic Timeliner (Windows)
Email and phone support
Hardware Requirements
Windows
CPU: 1 GHz
RAM: 1 GB (clients); 2 GB (servers)
Disk space: 100 MB (program + logs)
Active Internet connection
Mac
Any Apple Mac device that supports Mac OS X (10.10 or newer)
Active Internet connection
Supported Operating Systems
Windows 10® (32-bit, 64-bit)
Windows 8.1® (32-bit, 64-bit)
Windows 8® (32-bit, 64-bit)
Windows 7® (32-bit, 64-bit)
Windows Vista® (32-bit, 64-bit)
Windows XP® with SP3 (32-bit only)
* Windows Server 2016® (32-bit, 64-bit)
* Windows Server 2012/2012R2® (32-bit, 64-bit)
* Windows Small Business Server 2011
* Windows Server 2008/2008R2® (32-bit, 64-bit)
* Windows Server 2003® (32-bit only)
Mac OS X (10.10 or newer)
Please note that Windows Servers using the Server Core installation process are specifically excluded.
* Windows Action Center integration not supported for Windows Server operating systems