
New Mac OS X Remediation Offering and Forensics Capabilities for Enterprise


We are pleased to announce the release of the Mac version of our Malwarebytes Breach Remediation platform!

Malwarebytes Breach Remediation is an endpoint detection and response (EDR) platform designed to scan for and remediate threats in enterprise environments. The included Mac command-line app allows admins to script its functionality however they like.

Being on-demand, Malwarebytes Breach Remediation does not stay running all the time in the background on the endpoint. Using Malwarebytes Breach Remediation, you can catch threats quickly and remediate them completely, rather than going through the time-consuming process of re-imaging the entire system.

Malwarebytes Breach Remediation for Mac has been created from the ground up as a Mac OS X app, using the engine from our existing Malwarebytes Anti-Malware for Mac product (formerly AdwareMedic). It comes as both a command-line app, perfect for busy admins to remotely deploy to endpoints and run via scripts, and a traditional GUI app, which admins can provide to users of unmanaged systems.

Aside from being able to simultaneously detect and remediate threats on Windows and Mac endpoints, Malwarebytes Breach Remediation also includes a new Forensic Timeliner feature–rounding out our EDR capabilities.

Forensic Timeliner extracts evidence from numerous Windows data sources and presents the data in a convenient timeline view. This provides unprecedented visibility into when and how an attack or infection occurred. Extracted information can be used to identify unknown or suspicious files and then converted into custom indicators of compromise (custom IOCs). This enables enterprises to leverage the Malwarebytes detection engine to proactively hunt for malicious files across all of their Windows endpoints.

Timeliner includes intelligent filtering options to display only relevant information and collect data from a specific timeframe–as far back as the original install date. Malwarebytes Breach Remediation can now detect, remediate, and validate that an infection or attack actually occurred. This unique capability helps identify security gaps or unsafe user behavior, allowing companies to better protect their assets and reduce the risk of future incidents.

For more information about our Malwarebytes Breach Remediation solution, see: https://www.malwarebytes.org/business/breachremediation/

For help using Malwarebytes Breach Remediation, please post here in our forum: https://forums.malwarebytes.org/forum/149-malwarebytes-breach-remediation/ or read our FAQ or contact our support team at https://support.malwarebytes.org/?b_id=6445

Malwarebytes Management Console has also been updated to version 1.7 and includes:

Syslog CEF Message Support

  • Improved syslog functionality by adding CEF (Common Event Format) message support

CSV Data Export

  • Added the ability to export Threat View, Client View, Client Security Log, and Client System Log data to a CSV file

Licensing Improvements

  • License subscription expiration date is now displayed
  • Locally and globally-managed seat counts (if applicable) are now displayed
  • Implemented additional licensing improvements to clarify usage

Policy Copying

  • Added the ability to copy existing policy settings to a new policy

SQL Database Improvements

  • Added the ability to perform on-demand SQL database cleanup
  • Added percentage indicator to show SQL Express database disk usage

Anti-Malware for Business 1.80.2 Managed Client

  • Improved update handling by requiring SSL for downloads

Anti-Exploit for Business 1.08 Managed Client

  • Added Layer0 Dynamic Anti-HeapSpraying mitigation
  • Added Layer0 Anti-Exploit fingerprinting mitigation
  • Added Layer0 fine-tuned VBScript mitigation for IE
  • Added Layer1 RET-ROP gadget detection mitigation
  • Added Layer3 Application Behavior rules
  • Added protection for Microsoft Edge
  • Added protection for LibreOffice
  • Added auto-recovery for Anti-Exploit service
  • Various bug fixes

Other Items

  • Added remote management console support for Windows 10
  • Improved supportability by adding under-the-hood logging improvements
Edited by celee