Endpoint Detection and Response - Antivirus and Anti-Malware Prevention

Summary

This article describes our EDR solution, Malwarebytes.

Body

What is Malwarebytes?

As computer viruses and malware evolve, more sophisticated prevention, detection, and remediation solutions are required on both Windows and macOS computers. In the fall of 2021, SJU began deploying Malwarebytes, which serves as our Endpoint Detection and Response (EDR) security platform, to all University-issued computers.

SJU devices may continue to run our legacy antivirus and anti-malware solution, Symantec Endpoint Protection, while we continue to expand and integrate Malwarebytes into more of our computing environment.
 

What should you expect with Malwarebytes?

Very little interaction is required with Malwarebytes. On your Windows device, you may notice a desktop shortcut, a Start Menu shortcut, and an icon in your taskbar, but on your macOS device, you won't even notice an icon for it in your menu bar. The reason for this is that the application is sophisticated enough to act on its own, without requiring the user to perform scans or other actions if a threat is detected. If any risk, threat, or other malicious activity is detected, notifications will be sent to our endpoint support teams and the software will automatically begin to detect, isolate, prevent, and remediate without any intervention.

If the Malwarebytes agent detects something malicious on your computer, or requires an important update to a newer version, it may require a reboot to finish. You may see messages similar to these, prompting you that interaction is required, or that a mandatory reboot will take place:

If at any point you see a notification from Malwarebytes, you may contact the Technology Service Center at 610-660-2920 for more information.

There is also a chance that Malwarebytes will prevent legitimate software from running. This is called a "false positive". If this happens, you may need to contact the Technology Service Center so that the blocked application can be evaluated and an "exclusion" created for it. An exclusion is effectively a rule created by our software administrators to allow legitimate software to run properly.

Details

Article ID: 136945
Created: Mon 11/22/21 4:56 PM
Modified: Mon 7/24/23 3:40 PM