Malwarebytes is more of an Endpoint Protection Platform inside a NextGen AV solution. It does real-time protections, but our primary use for that product is compliance scanning. So traditional threat monitoring plus daily scans, full scan, system scans, etc. And it covers the signature and heuristics gap for us.
Cyber Security Team Lead (Endpoint) at a manufacturing company with 10,001+ employees
They have some of the best signature writers out there
Pros and Cons
- "When it comes to frontend protections, it has some of the best definitions. In addition, they do traditional signature and heuristic detection a lot better than Microsoft and some other players in that space."
- "Malwarebytes is too simplistic. From a SOC IR perspective, it doesn't give you very much data around it. It doesn't tie things or provide SHA-1 and SHA-256 detection information, which makes it hard to do an additional investigation."
What is our primary use case?
How has it helped my organization?
The fact that the agent is SaaS-based is a major improvement. So with COVID and the new perimeter being the endpoint itself out in the wild, Malwarebytes allowed for protection and communication 100 percent of the time. So if it has an internet connection, we're connected and protected. So that was one of the biggest benefits. We were running Windows Defender before, which if an asset wasn't on VPN or went off-network, it was essentially out in the wind. We didn't know what was happening to it from an AV perspective.
What is most valuable?
Malwarebytes is easy to use. There's not a lot I like about it, but I will say that they have some of the best signatures out there. As far as traditional AV technology and detection solutions go, that's probably what I'd like about them the most. They have some of the best signature writers out there.
What needs improvement?
Malwarebytes is too simplistic. From a SOC IR perspective, it doesn't give you very much data around it. It doesn't tie things or provide SHA-1 and SHA-256 detection information, which makes it hard to do an additional investigation. It should give you more hash information, IOC-based information, etc. It also gives a lot of false positives. That's one of our biggest beefs.
Buyer's Guide
Malwarebytes
November 2024
Learn what your peers think about Malwarebytes. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
For how long have I used the solution?
I've been using Malwarebytes for three years.
What do I think about the stability of the solution?
The Malwarebytes agent has a design flaw that impacts performance. They built it on top of ClamAV, which is okay, but they run into some problems excluding certain locations or dealing with high-performance impact solutions. If you exclude it, then it's excluded completely, and you lose telemetry on it entirely. Again, we have experienced some problems with their agents breaking in their own update processes.
What do I think about the scalability of the solution?
Scalability's fine. We never ran into any issues, and we're a large company with 17,000 users. So I think that Malwarebytes can scale just fine. But that's probably due to the solution's simple nature. The more data you're pulling back, the more complex it gets, which creates a greater load on the backend systems that they're hosting. However, Malwarebytes is pretty lean right now, so performance has never really been a problem from a console perspective.
How are customer service and support?
I'd say that Malwarebytes support is fine, but they lack maturity when it comes to enterprise-class security solutions.
Which solution did I use previously and why did I switch?
We were running Windows Defender, but we switched to Malwarebytes because it is a cloud-hosted SaaS solution that is as effective on the cloud as it is on-prem.
How was the initial setup?
Straightforward. We're a very large environment, so it took us a couple of days, but technically, you could begin deployment almost immediately. As is the case with any AV product, you have to fine-tune it to deal with false positives and performance issues. Aside from that, the deployment itself can be done very quickly. You can use SCCM, PDQ. They even have their own deployment tool that you can use. It's pretty easy to get it out there.
We did the implementation ourselves. My security department partnered with our patch management and asset deployment team. We gave them the packages and the switching, then they began deployment from there. It doesn't need a lot of maintenance. About three people should do it. Whoever deployed the solution will occasionally need to redeploy or fix an agent. You also need one or two frontend security staff to operate it.
What's my experience with pricing, setup cost, and licensing?
I would say that it's affordable. It costs much less than SentinelOne, CrowdStrike, or anything of that nature. But, at the same time, you are getting what you pay for. So I would say it's one of the best when you're comparing traditional NextGen AVs like Webroot that aren't the best in the bunch. McAfee and some of those other ones bring a lot more different options to the table. But if it's just straight AV technology, I would put Malwarebytes at the top of the heap in terms of value for the money.
What other advice do I have?
I would rate Malwarebytes eight out of 10 if I'm judging it by the standards of traditional endpoint protection or NextGen AV solution. When it comes to frontend protections, it has some of the best definitions. In addition, they do traditional signature and heuristic detection a lot better than Microsoft and some other players in that space. But if you're lumping it in with other EDR solutions, it's a zero.
If you plan to use Malwarebytes, I suggest utilizing its auto-patching mechanism as much as possible and aggressively keeping it up to date.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Branch Manager at Datec (Fiji) Limited
Scalable with good technical support and a straightforward setup
Pros and Cons
- "The solution is very good at scanning."
- "We have noticed that when the solution is doing the scanning, all the scanning activities make the device heavier. It slows down your machine."
What is our primary use case?
One of the reasons we use the solution is to protect the endpoints. Plus we are also using the EDR facility to protect servers and for emergency response. As for Malwarebytes, they will be able to help us track how the malware activities happened, which can help us in the restoration process. We haven't come across anything where we had to use these services or use the tool to recover anything. We haven't come to that yet.
How has it helped my organization?
Often, the customers had been compromised previously, and, due to that, we propose that solution to them. They like that tracking and restoration options are on the table if they get breached again.
What is most valuable?
The solution is very good at scanning.
It's a good product. It does the job.
It offers good protection. I haven't come across any issues so far, which I need to escalate.
The solution scales remarkably well.
We've had a good experience dealing with technical support.
What needs improvement?
We have noticed that when the solution is doing the scanning, all the scanning activities make the device heavier. It slows down your machine. Alternatively, sometimes when it's scanning the application fast, you find that your applications will be slow in response. If you compare it to, for example, Trend Micro, this slow down doesn't happen when you use that solution.
Basically, this solution seems to have issues with CPU and memory. If you have got a good, high spec machine, then you won't feel it. If you go running SSDs and other stuff, you won't feel those performance issues. We have got customers in Fiji who are using 5,400 RPM hard disks, so they feel the pinch.
The solution is a bit expensive.
For how long have I used the solution?
I've been using the solution for about two years at this point.
What do I think about the stability of the solution?
The stability is good. We haven't faced any issues so far.
What do I think about the scalability of the solution?
The solution has a lot of scalability potential. If a company needs to expand it, it won't have a problem at all.
How are customer service and technical support?
We've been in touch with technical support on a few deployments at this point. On a couple of deployments, we had some glitches where we were not able to deploy it on MacBooks. We hit a few walls dealing with iOS, and they were very good at helping us deploy the product.
We were lucky in that we had a contact that had an account manager, and they were great on the support side. They really helped us out.
We've been satisfied with the level of service we've gotten.
Which solution did I use previously and why did I switch?
We also work with Trend Micro, Symantec, and Kaspersky.
How was the initial setup?
The solution was not complex to set up. It was pretty straightforward for the most part. We found it to be rather easy.
What about the implementation team?
We typically connect with one of the techs and one of the account managers during deployments. The engineer we connected with was very knowledgeable about the product and made everything very easy.
What's my experience with pricing, setup cost, and licensing?
The solution really needs to look around at the rest of the market. They're slightly more expensive and it would be ideal if they were more competitive.
What other advice do I have?
We're an official partner in Fiji.
We use both on-premises and cloud-based deployment models.
I'd recommend the solution to others. That said, I always recommend a POC is done first to see if it will properly fulfill a company's needs.
Overall, I would rate the product at an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Network Engineer at Data Storage Institute
An easy-to-deploy solution that can be easily accessed from any location
Pros and Cons
- "The most valuable feature of the solution is that I can use it wherever I want, be it at the office, at home, or even outside."
- "The stability and performance of the solution are areas with shortcomings that need improvement."
What is our primary use case?
I use it at my workplace and in my communications with my colleagues.
What is most valuable?
The most valuable feature of the solution is that I can use it wherever I want, be it at the office, at home, or even outside.
What needs improvement?
The stability and performance of the solution are areas with shortcomings that need improvement.
For how long have I used the solution?
I have been using Malwarebytes for two to three years.
What do I think about the stability of the solution?
The solution is mostly stable, but maybe once out of ten circumstances, there are some issues, but very seldom.
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
I don't know much about the solution's scalability because I don't have the visibility of the services being expanded to other locations, but it should be scalable since it is a solution available over the internet.
My company has around 1,000 users of the solution.
I don't know if my company has plans to increase the use of the solution.
How was the initial setup?
The initial setup of Malwarebytes is easy. I need to log in to my account, so nothing much is needed.
For deployment, you register for the account, and everything is automated.
What other advice do I have?
The solution has so far not created any issues on my computer.
I rate the overall product an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Retired at a government with 51-200 employees
Scans very well
What is our primary use case?
We use the solution for scanning malware.
What is most valuable?
The solution scans very well.
What needs improvement?
The UI could be more user-friendly.
For how long have I used the solution?
I have been using Malwarebytes for three years.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability a ten out of ten.
How was the initial setup?
The initial setup is straightforward. It took probably about 10-15 minutes to complete.
What other advice do I have?
Overall, I rate the solution a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Assistant Executive Manager (IT) at Lembaga Zakat Negeri Kedah
Easy to install, good technical support, and offers effective monitoring
Pros and Cons
- "The installation process is very easy, especially since it is on the cloud."
- "The online reporting needs to be improved. Currently, we have to look at it online, and if we want to download a report, it just downloads as an Excel file. It's just raw information. There needs to be some way to better display it when it's downloaded."
What is our primary use case?
We primarily use the solution as a form of protection against attacks.
How has it helped my organization?
We've had threats from viruses before. This solution protects us from them and keeps our company safe.
What is most valuable?
The product is quite good. It offers a good amount of memory and it is easy to manage for our team.
The technical support is quite good. They're very effective at responding if we need their assistance.
The installation process is very easy, especially since it is on the cloud.
It offers a very straightforward system for monitoring.
What needs improvement?
The online reporting needs to be improved. Currently, we have to look at it online, and if we want to download a report, it just downloads as an Excel file. It's just raw information. There needs to be some way to better display it when it's downloaded.
It would be helpful if the solution could integrate with Ubuntu.
For how long have I used the solution?
Our organization has been using the solution for about three years.
What do I think about the stability of the solution?
We've found the solution to be quite stable. We haven't faced any issues with crashes and I can't recall running into any bugs or glitches. It's worked very well.
What do I think about the scalability of the solution?
For our purposes, the solution is scalable - at least in our region. It doesn't require too much reconfiguration.
How are customer service and technical support?
We've had a good experience with technical support so far. We've been satisfied with the level of service we've received.
How was the initial setup?
The initial setup was very straightforward for our team. We didn't find it complex at all. I'd say that the team considered it to be very easy.
Deployment took about an hour and a half. You just need a PC and Wi-Fi. In total, to get everything set up properly, it took us about a month. It took that amount of time to make it work within our environment.
We only require about two to three people for deployment and maintenance. We used two people to deploy and have three people on maintenance duties.
What about the implementation team?
We did not use an integrator or reseller. Our own team handled the implementation in house.
What other advice do I have?
We're just a customer and end-user. We don't have any special association with the company.
Malwarebytes provides the cloud for our organization. I'm not sure what the version number is of the solution we are currently using.
For a company with about 100 or more PC units, the solution is quite effective. It makes monitoring easy. There's also a lot of reporting that can be done, and the solution provides protection for a lot of applications including Windows and Zoom.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at a tech services company with 11-50 employees
This product does not provide what it needs to or what it says it does for proper Endpoint Detection and Response
Pros and Cons
- "The dashboard actually is good and it is simple."
- "The product has major problems in almost every facet of setup and use including setup, configuration, lack of functionality, lack of stability, false positives, questionable reporting, inability to protect from ransomware and poor technical support and development."
What is our primary use case?
My job position is Cybersecurity Engineer. We use the solution as an EDR or endpoint detection response. As EDR is, it is not the primary endpoint protection as it cannot control the risk. This product is working as behavior monitoring for the end users. These monitoring products are not controlling the endpoint. For controlling the endpoint, you can use EPP (Endpoint Protection) products like Symantec Endpoint Protection, Trend Micro Endpoint Protection, one that was called OfficeScan — now the updated one is called Apex One — or other strong endpoint protection solutions like Sophos Intercept X and so on. But Malwarebytes is just EDR. EDR is mainly for detecting usage behaviors. It is evaluation and it is not technically protection for the user environment.
What is most valuable?
The interface is not so bad. The dashboard actually is good. It is simple. But it is not able to produce simulated attacks.
What needs improvement?
I know of more than ten critical cases with clients which affect their use of the product adversely. We work with the Malwarebytes company a lot and have discussed the existing problems with the manager of Research and Development. He would not just say "You are right." But even though he knows that there are issues, there have been no changes in the results and improvements with the product even up until now.
I want to help secure the environments of the clients I work for. I want to benefit a lot of people, a lot of clients and a lot of users. I have specific things, technical details for each feature and each use case that I have worked on. But the company is not making the broader changes they need to in the product to make it an effective solution.
The most obvious problem is that basically the product comes up with a lot of false positives. This needs to be resolved.
There are other particular pain points with the current solution which have to do with the reporting and the problems with difficulty of installation. But these are still not the biggest problems for people using the product.
An additional feature I would like to see is a ransomware roll back for 72 hours and for 100 GB of files. It is supposed to be a feature in the EDR to defend against ransomware. But we cannot stop ransomware with EDR. We are supposed to be able to roll back the encrypted files. But it is a fact that, in production, we cannot effectively roll back the ransomware and encrypted files after this kind of attack. The company fails to say we cannot go back. It is an important feature in these products and to the clients. But it is not effective.
For how long have I used the solution?
I have been implementing this solution as a technical consultant in IT and I have implemented this solution more and more over time starting one year ago.
What do I think about the stability of the solution?
The product is not stable. It is not broken all the time but the stability of this solution needs to be improved.
How are customer service and technical support?
They have not been receptive to our suggestions about the product and have not resolved the issues that we have reported in great detail.
Which solution did I use previously and why did I switch?
We are currently looking for a new solution because I am not satisfied with the product or the effort of the vendor to meet the needs of users. I have gone through the trouble of making a table for competition analysis between various vendors to see how they compare and that includes several vendors of EDR solutions including Malwarebytes, enSilo, CrowdStrike, Carbon Black and SentinelOne. I think we will end up working with Carbon Black or CrowdStrike. But the current solution with Malwarebytes does not perform well enough to properly protect our clients.
How was the initial setup?
I find that the setup and configuration are complex and difficult.
What about the implementation team?
We are the ones who do the installations and implementation.
What other advice do I have?
I have a lot of baggage with this product because of problems I have with the customers, the implementation, the configuration, the settings — it is very, very troublesome. There are various players on the course now. Some solutions may perform better.
I have had a bad experience with Malwarebytes in general. There are a lot of issues I have caught. I wrote these issues down to compile them and then I sent the information to Malwarebytes. Over some time, there was no improvement from the research and development or technical support from this vendor. I have only a few words about this product: It is not good yet. But they have also shown almost no interest in improving it.
The proxy setting is a very nice feature. But, with that, you cannot remove the proxy settings for the clients who are going out of the office for travel. You have to go to each laptop and write a manual cmd (command line) script to remove the proxy settings. It should not be done this way. It is just another example.
On a scale from one to ten with one being the worst and ten being the best, I would rate this product as a one-and-a-half. It is one of the worst products which I have ever used. If I have to choose a whole number it does not round up, it will round down to a one.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
System Administrator at a tech services company with 51-200 employees
Provides a level of confidence that no malware will infiltrate the system
Pros and Cons
- "Being able to carry out a full scan on your system."
- "Notifications are lacking."
What is our primary use case?
The primary use case of the solution is something I'm using myself, on my own computer. It sits in the background, works very well and does what you expect it to do. I'm using the free version at the moment but I'm considering getting the premium version because it's a pretty good product. My working environment is Windows, but my own personal preference is Mac, a Mac OS which I own. I have the solution on 24/7.
What is most valuable?
The most valuable feature is the scan feature. Being able to carry out a full scan on your system is a great feature, it gives you a certain level of confidence that everything's okay.
What needs improvement?
If the company was going to do something, it would be great if they could open up the free version to an app blocker that would block malicious applications. I don't think they would do that because they need to make money but it's what I would suggest they do. There's no indication on the system as to when the software is doing a scan.
Additional features they could include would be notifications. The solution doesn't let you know that it's scanning the system, it's all done in the background and it might be helpful if a little icon popped up and said, I'm just running a scan for you.
For how long have I used the solution?
I've been using Malwarebytes for two years.
What do I think about the stability of the solution?
The stability has been great. I've had it for about 18 months and nothing has gone wrong yet.
What do I think about the scalability of the solution?
In terms of scalability, whether it would be something that I would extend to an entire office full of Macs, or a whole company that was running Macs, I'm not sure. I would imagine on the basis that it doesn't have a particularly big memory or CPU footprint, that it would be ideal for scalability. You would only install it on one machine at a time, not on a server. It would be on the user's system.
How was the initial setup?
I did the setup myself, it was very simple. I think it took maybe five minutes.
Which other solutions did I evaluate?
I didn't specifically evaluate other options but I did go through a decision analysis process to figure out the best option for me. I listed what I wanted from the software and then rated all the alternatives against my requirements. It was a checklist and the solutions that didn't pass got kicked out. That's how I ended up with Malwarebytes. It was about functionality.
What other advice do I have?
The product is a client on my system at the moment. I think it gets a lot of its information, its virus signatures, things like that, from a cloud service. I can see that it takes a second to download new virus signatures and things. It's obviously getting its information from their website, so the real intelligence is based remotely.
I would very highly recommend this product and would rate it an eight out of 10.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Compliance Consultant at a tech company
The product is good at keeping threats out
Pros and Cons
- "We don't have to spend any time remediating bad things happening: Not viruses nor ransomware."
- "Every once in a while, it gets clobbered by updates from other places. I don't think this should happen."
What is our primary use case?
It is an endpoint antivirus.
We are using the most current version of the product.
Our company does security audits, so we are pretty secure.
How has it helped my organization?
We don't have to spend any time remediating bad things happening: Not viruses nor ransomware.
We are not spending time fixing anything, so worker productivity is enhanced.
What is most valuable?
We haven't had any problems with threats. The product is good at keeping threats out.
What needs improvement?
I would like to see it protect itself a little better from other people's updates.
Every once in a while, the product gets clobbered. It's not just one thing. So, it could be a Microsoft update or a Kaspersky update. It could be another update from some other application, then you just have to reload it. This doesn't happen that often. It happens around three or four times a year.
What do I think about the stability of the solution?
It's pretty stable, but every once in a while, it gets clobbered by updates from other places. I don't think this should happen.
What do I think about the scalability of the solution?
We are a small company, so it is scalable for us.
How are customer service and technical support?
The technical support is good.
I really haven't received any good answers about what happens when the product gets disconnected. I have had to reinstall it, but I never received an answer to this issue. So, I went to their website and put in a question. However, the solution is working.
Which solution did I use previously and why did I switch?
I did not use a previous solution. I have been using this solution for quite a while.
How was the initial setup?
The initial setup was straightforward. I just downloaded it, then it did everything itself. Once it was on my desktop, it was working.
What about the implementation team?
We did it ourselves.
What's my experience with pricing, setup cost, and licensing?
Yearly, it is around $50 per client.
Which other solutions did I evaluate?
I am also using Kaspersky for endpoint antivirus protection.
What other advice do I have?
This is a good solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Very interesting and honest review. If I may ask a question: From your personal point of view, not based on any specific science or feature set which product does your gut say you should go with?