Malwarebytes Breach Remediation for IBM BigFix User Guide

Document created by bgoddard Employee on Aug 6, 2019Last modified by bgoddard Employee on Aug 14, 2019
Version 8Show Document
  • View in full screen mode

Introduction

Malwarebytes Breach Remediation is a portable command-line product, designed to allow enterprises to detect and remove malicious software from endpoints. Malwarebytes Breach Remediation requires no installation on the endpoints, simply distribute the files to the endpoints and execute the program.

 

For more information, please see the Malwarebytes Breach Remediation Windows Administrator Guide .

 

Features

Malwarebytes Breach Remediation for IBM BigFix provides the following features:

  • BigFix Fixlet to download and execute scans on managed endpoints
  • BigFix Analysis to return scan results to the BigFix Server
  • Custom Web Reports to display the results

 

Prerequisites

In order to use Malwarebytes Breach Remediation for IBM BigFix, the following is required:

  • IBM BigFix platform 9.x and later, including Web Reports
  • Malwarebytes Cloud subscription to one of the following products:
    • Malwarebytes Incident Response
    • Malwarebytes Endpoint Protection
    • Malwarebytes Endpoint Protection and Response
  • Your Malwarebytes Cloud product license key

 

 

Installation

Follow these steps to import the Malwarebytes Breach Remediation content into the BigFix platform.

 

Download the Malwarebytes Breach Remediation for IBM BigFix zip file

  1. Download the Malwarebytes Breach Remediation for IBM BigFix file here.

  2. Unzip the file malwarebytes_bigfix.zip. The files contained in the zip file are:
    • mwb_fixlets.bes - Contains both the task and analysis.
    • mwb_mbbr.beswrpt - Contains the custom web reports.

 

Create a custom BigFix site

It is a good practice and recommended to create a custom site to host the imported Malwarebytes content. Future content can be imported later into this same custom site.

  1. Log in to BigFix.

  2. Create a custom site. Go to Tools > Create Custom Site…


  3. Name the custom site Malwarebytes.

 

Import the Fixlet

  1. Double-click on the file mwb_fixlets.bes to import the Fixlet into BigFix.

  2. Ensure both the task and analysis are created in the new custom site.


  3. Both items are available from the BigFix Console.


Import custom Web Reports

  1. Log into Web Reports and select Report List > Import report
  2. Import the file mwb_mbbr.beswrpt as XML.


After performing threat scans, the Web Reports screen displays the results.

 

Enter your Malwarebytes Cloud license key in BigFix

To view your Malwarebytes Cloud license key:

  1. Login to the Malwarebytes Cloud Console.

  2. Go to Profile > License Information.

  3. Copy your license key.

  4. Open BigFix and navigate to your custom site, All Content > Sites > Malwarebytes.

  5. Click Fixlets and Tasks.

  6. On the Description tab, paste or enter your license key in the License Key field.

 

Copy the Malwarebytes Breach Remediation task to adjust options

Malwarebytes Breach Remediation provides many options and features. In order to fine-tune Malwarebytes Breach Remediation for IBM BigFix for your environment, we suggest the following:

  1. Make a copy of the initial BigFix task.

  2. Use the copy to fine-tune how the task works:
    1. In the copied task, edit the BigFix action script.
    2. Customize the command line options for Malwarebytes Breach Remediation.

  3. Refer to the Malwarebytes Breach Remediation Windows Administrator Guide for details and more information.

 

Attachments

    Outcomes