- Jul 1, 2017
- 18
- Content source
- https://youtu.be/reSxETmeYVM
Hello,
Today, fully test and review of Malwarebytes EDR.
Information : Sorry for bad english.
Test performed on : 05/01/2023
The company Malwarebytes offers us an EDR version of its flagship product which is equipped with several layers of protection including an I.A Machine Learning, protection against the brute force RDP for the Windows Server edition, a very reputable Anti-Exploit and an Anti-layerRansomware with Rollback to restore encrypted files.
Installing the Malwarebytes agent is done very simply by downloading a small MSI installer, once installed Malwarebytes EDR disables Microsoft Defender and goes into primary protection for the system.
In the Nebula console of Malwarebytes I made a policy or I configured Malwarebytes for maximum security
The Nebula console interface is only available in English at the moment but the interface is clean and clear
Malwarebytes in the console also offers a Sandboxing Analysis service, which allows to send in a sandbox to Malwarebytes manually to analyze an unknown file to know the behavior of the file if it is malicious or not a very good point for it.
On malicious links Malwarebytes is extremely effective all is blocked
On malicious PDF files on malware packs that will contact malicious links it’s the same all is blocked!
On older malware packs Malwarebytes is also very efficient and cleans the pack almost completely
On the 0day malware pack instead a malware will pass and inject all the Windows executables of the machine
We may note that despite the machine being infected the malware connection requests are blocked by the Malwarebytes web agent
Note that the EDR version and the consumer version of Malwarebytes are different and do not have the same detection technologies!
Performance: Malwarebytes EDR consumes a little too much RAM and CPU resources, we have peak consumption during 100% CPU analysis and 1 GB RAM consumed by the Malwarebytes service! A small optimization would be welcome for this EDR version.
Verdict and conclusion: Too bad for Malwarebytes EDR, even if the malware requests are blocked, the machine is still well infected and the machine must go through disinfection unfortunately, but Malwarebytes EDR remains a very effective security product and even highly recommended for companies! We encourage Malwarebytes to improve the disinfection process and improve the I.A Machine Learning technology to make the product even better!
Today, fully test and review of Malwarebytes EDR.
Information : Sorry for bad english.
Test performed on : 05/01/2023
The company Malwarebytes offers us an EDR version of its flagship product which is equipped with several layers of protection including an I.A Machine Learning, protection against the brute force RDP for the Windows Server edition, a very reputable Anti-Exploit and an Anti-layerRansomware with Rollback to restore encrypted files.
Installing the Malwarebytes agent is done very simply by downloading a small MSI installer, once installed Malwarebytes EDR disables Microsoft Defender and goes into primary protection for the system.
In the Nebula console of Malwarebytes I made a policy or I configured Malwarebytes for maximum security
The Nebula console interface is only available in English at the moment but the interface is clean and clear
Malwarebytes in the console also offers a Sandboxing Analysis service, which allows to send in a sandbox to Malwarebytes manually to analyze an unknown file to know the behavior of the file if it is malicious or not a very good point for it.
On malicious links Malwarebytes is extremely effective all is blocked
On malicious PDF files on malware packs that will contact malicious links it’s the same all is blocked!
On older malware packs Malwarebytes is also very efficient and cleans the pack almost completely
On the 0day malware pack instead a malware will pass and inject all the Windows executables of the machine
We may note that despite the machine being infected the malware connection requests are blocked by the Malwarebytes web agent
Note that the EDR version and the consumer version of Malwarebytes are different and do not have the same detection technologies!
Performance: Malwarebytes EDR consumes a little too much RAM and CPU resources, we have peak consumption during 100% CPU analysis and 1 GB RAM consumed by the Malwarebytes service! A small optimization would be welcome for this EDR version.
Verdict and conclusion: Too bad for Malwarebytes EDR, even if the malware requests are blocked, the machine is still well infected and the machine must go through disinfection unfortunately, but Malwarebytes EDR remains a very effective security product and even highly recommended for companies! We encourage Malwarebytes to improve the disinfection process and improve the I.A Machine Learning technology to make the product even better!
Last edited by a moderator:
