-
Posts
1,742 -
Joined
-
Last visited
-
Days Won
16
AlexSmith last won the day on February 7 2022
AlexSmith had the most liked content!
Reputation
87 ExcellentAbout AlexSmith
- Birthday 08/11/1981
Profile Information
-
Location
Minnesota
-
Interests
Windows, malware, PowerShell, IT administration, technicians, heavy music, and video games
Recent Profile Visitors
14,167 profile views
-
Malwarebytes Patch Management vs Ninite
AlexSmith replied to pfefferc's topic in Malwarebytes Nebula
Hi @pfefferc!! Let me give you an overview: Patch Management enhances our existing asset inventory management capabilities by providing Nebula/OneView admins insight on the outdated 3rd party software installed across their managed endpoints as well as gaps in the installed operating system updates. Armed with this, Nebula/OneView admins can update supported 3rd party software and/or install OS updates/patches directly from the console on-demand or as part of a re-occuring schedule. Allowing admins the control they need to deploy updates. It does not provide the ability to deploy custom installation packages or custom OS updates nor uninstall existing software or existing OS updates. Ultimately yes there may be some common/similar features when compared to Ninite, but our Patch Management feature provides more control of keeping 3rd party software up to date via a schedule, it provides management of OS Updates, and it can extend our Vulnerability Assessment component to provide easy patching of vulnerable 3rd party software on managed endpoints. -
Currently, It's Windows only but we plan to bring it to macOS later this year. As @AdvancedSetup called out, we do not currently support ARM64 versions of Windows. It's on our roadmap and will have more to share later this year.
-
Hi @PokyWizard, I am the Technical Product Manager of the Malwarebytes Endpoint Agent that our cloud-managed "Endpoint Protection" and 'Endpoint Detection and Response" use. I can help answer your technical product questions. Yes, we added Device Control earlier this year for Windows endpoints. This gives you the ability to block external storage devices. You can learn more about it here: https://service.malwarebytes.com/hc/en-us/articles/4417282329491-Device-Control-in-Malwarebytes-Nebula Yes, you can see if users are getting infected from the Nebula Console and via Notification emails as well as detailed reporting. Yes, the Nebula Console will list all endpoints you have installed the Endpoint Agent on as well as the versions of the protection components that are installed/running. Updates can be handled for you automatically too so you don't have to worry about what an end-user did or did not install. That's not cool. Drop me an email at alsmith@malwarebytes.com and I will get you in contact with our sales teams personally.
-
Patch Management - Push Custom Application
AlexSmith replied to REGITDept's topic in Malwarebytes Nebula
It does not support adding custom applications. Currently, it supports the following 3rd party applications: https://service.malwarebytes.com/hc/en-us/articles/4576809351443-Supported-Patch-Management-applications-in-Malwarebytes-Nebula -
That's our OneVIew MSP platform, which is like a multi-tenant version of Nebula but not the same thing. OneView does not support SSO today. I recommend providing this feedback inside of OneView itself so the request gets officially logged: https://support.malwarebytes.com/hc/en-us/articles/360039868234-Send-feedback-in-Malwarebytes-OneView
- 5 replies
-
- 1
-
- feature request
- sso
-
(and 4 more)
Tagged with:
-
@Savitek I assume you are asking for Azure AD SSO support for our Malwarebytes Nebula platform? If so, we already support that today: https://support.malwarebytes.com/hc/en-us/articles/360039018693-Setup-Malwarebytes-Nebula-single-sign-on-with-Azure-AD If you are looking for something different, let me know the specifics and we can go from there.
- 5 replies
-
- feature request
- sso
-
(and 4 more)
Tagged with:
-
Thanks for the clarification. I now have a much clearer picture of what you are looking for. Other PMs have already looked at this thread and are in the loop too (in case this should be introduced elsewhere in our product line). We can't promise anything at this time, but the concept of a URL Scanner in the context you're looking for is something Malwarebytes has been looking at doing. So while it's on our radar, I can't say for sure when we would have this and exactly where it would be accessed from. In any event, thank you for the feedback and allowing me to pick your brain a bit.
-
@RevivalTech I am the Technical Product Manager of the Malwarebytes Toolset and after reviewing the thread I have a follow up question: Would it be accurate to say you are looking for Malwarebytes to create a utility that does the following? User inputs a URL into a GUI or CLI utility URL is loaded silently and scrapes content for any additional URLs All URLs are analyzed with our Web Protection and Browser Guard databases/engines Output a report of the detected URLs and provide a Good/Bad result for each If you are looking for something more than that, can you clarify the specifics? As far as building a "VT clone" goes, I would say that's out of the scope of what we can provide. We participate as a trusted partner with VT already, it wouldn't make sense to make something like it when there is a well-established platform that provides results from us and so many other security vendors.
-
Hi, I am the Technical Product Manager for the Malwarebytes Endpoint Agent (Windows, macOS, and Linux). That's the core piece of software that connects our Malwarebytes protection products like Malwarebytes Endpoint Protection to our Malwarebytes Nebula (and OneView for MSPs) cloud infrastructure. With that being said, I wanted to hear from our Forums community what you would like to see changed and/or added on the endpoint side and the cloud console side to improve protection and management. Thanks!!
-
I will let @AdvancedSetup chime in too, but that's odd that addition.txt isn't being generated. That might align with why our Support Tool failed at gathering logs and could indicate the root cause is something outside of Malwarebytes. With that being said, I did notice something odd in your FRST logs: HKLM Group Policy restriction on software: %AppData%\*\*.exe <==== ATTENTION HKLM Group Policy restriction on software: %AppData%\*.exe <==== ATTENTION The above are non-standard items that in theory could interfere with legitimate application components, especially temporary ones (commonly used in updating scenarios), from executing properly. Can you remove those then perform a clean uninstall and reinstall of Malwarebytes? If things are still being evil, try gathering logs again and let us know of any errors you encounter.
-
@jgphelps @AlexLeadingEdge thank you for sharing this and we apologize for the concern this issue is causing. These errors can be safely ignored at this time. In case you are wondering, the error is being produced by the Endpoint Agent attempting to enable upcoming enhancements to the Anti-Exploit engine that haven't been released yet. Essentially, we are saying "hey, this setting you tried to turn on doesn't exist". This results in no functional impact to our product and can be ignored.
-
Endpoint Agent Setup for Windows Assistance Needed
AlexSmith replied to mjolly803's topic in Malwarebytes Nebula
@mjolly803 Sorry for the delay in a follow up. Properly licensed for Server support would mean having a license that includes seats for Endpoint Protection/Endpoint Detection & Response for Servers. When the Malwarebytes Endpoint Agent performs license validation and redemption on a Server OS, it will redeem against the seats for Endpoint Protection/Endpoint Detection & Response for Servers. This in turn means that Windows Server endpoint would now be able to use Server specific capabilities which are configured via the Policy settings in the Nebula/OneView management consoles. Some of the unique settings/configurations for Windows Server include Brute Force Protection for Server Protocols and Suspicious Activity Monitoring for Servers (EDR Only). For more details on settings and Policies, check our user guide here: https://support.malwarebytes.com/hc/en-us/articles/360039985913-Malwarebytes-Nebula-Administrator-Guide Unfortunately, I cannot provide much additional guidance on using a non-Server license on a Windows Server endpoint as that would go against our current licensing. -
Endpoint Agent Setup for Windows Assistance Needed
AlexSmith replied to mjolly803's topic in Malwarebytes Nebula
Hi @mjolly803 and great questions!! Oddly enough, you sort of already answered it yourself, but let me confirm and expand on it. The Malwarebytes Endpoint Agent and the Malwarebytes software component plugins are the same for Windows and Windows Server. Endpoints that are running Windows Server (and properly licensed for Server support) will have access to unique Policy settings/configurations for Windows Server. Policy settings are managed from the Malwarebytes Nebula and/or OneView consoles. Let me know if oyu have any additional questions. -
Our current issue is that it's not following the behavior they stated to us that is expected (i.e. items drop off after 30 days). Yeah we reported the missing functionality with the hover and IPS stated that was an undocumented changed with 4.6.x. They removed as part of refreshing it for the new Achievements component. We have made a request to have that restored, but haven't heard back definitively on it. For the Activity Streams issue, you'll need to rebuild the database. We had the same issue too. Just an FYI - We also found a bug that occurs when searching with the "This Forum" option. That option is not respected after the first page of results and instead reloads the search with results from "All Forums".
-
@tetonbob @MKDB @AdvancedSetup - We have confirmed that the expected behavior is not being respected and instead the Notification pop-up menu is showing all notifications from the first page of the "All Notifications" area. We have reported this back to IPS and hope to hear back soon.