Configure General options in Malwarebytes Cloud Platform

Document created by bgoddard Employee on Oct 10, 2019Last modified by bgoddard Employee on Nov 13, 2019
Version 11Show Document
  • View in full screen mode

Policies define how Malwarebytes behaves when running a scheduled scan, using Real-Time Protection, or monitoring Suspicious Activity. Policies are applied at the group level, and all endpoints in a group use the same policy. By default, endpoints added to the console belong to the Default Group, and the Default Policy. 


Policies are customizable and have many options. This article covers policy General options for all endpoint platforms. 


To view policy settings, go to Settings > Policies. Click Default Policy > choose a platform > General to view the options described below.



General options include endpoint reboots, startup applications, asset reporting events, and Malwarebytes Protection Updates.


Reboot options

Reboot options control how Malwarebytes handles requests from the console to restart endpoints. Reboots are sometimes needed to finish malware remediation, or to apply system changes after software is updated or removed.


Options in this section are as follows:

  • Enable Restart: Choose if the endpoint automatically restarts as needed. If you turn this off, malware might not be fully removed from the endpoint and software updates might not be applied.
    • Reboot Delay: The amount of time the endpoint will wait before rebooting. 
    • Reboot Message: A custom message displayed on the endpoint when it needs to reboot.
    • Postpone Reboot: Allows users to postpone a reboot by preset times. If a user postpones a reboot, the Events screen shows an Audit event.


Startup Options (Windows only)

Startup Options control how services behave on your endpoints.


Options in this section are as follows:

  • Allow services additional time to start: Enables extra time for services to finish loading at system startup before they timeout.
    • Maximum time allowed: Choose a preset timeout period. You may select 1, 5, or 10 minutes. The endpoint may need more time to start if it has many services loading at startup or is running additional security software.


Asset Management

Enabling Asset Management options allows the Malwarebytes Cloud Platform console to collect hardware and software information from your endpoints. When these options are enabled, the console information can be updated with a Refresh Assets action or an Asset Inventory Scan.


Events to report

When enabled, the following information is collected and shown on the Endpoint Properties screen:

  • Storage Devices: Connected storage, USB storage, and other devices.
  • Memory ObjectsPhysical and virtual memory of the endpoints.
  • Startup ProgramsRegistry information for endpoint programs that launch at startup.
  • Installed Software: Software installed on the endpoint.
  • Software UpdatesSoftware updates that have been applied on the endpoint.


Protection updates

Protection Updates are Malwarebytes database updates used by scans and Real-time Protection features. For more information on Protection Updates, see Malwarebytes Endpoint Protection settings for Protection Updates.


Protection Updates are needed to protect your endpoints, but you may adjust how often they occur.

  • Update Frequency: How often the endpoint checks Malwarebytes servers for updates. Choose a period from 15 minutes to 7 days.


Protection Updates Delay

Protection Updates Delay lets you choose how long a Protection Updates version is available before endpoints may download it. 


Choose a delay period or set No delay, which is recommended.

  • Delay Period (Windows only): Postpones the latest Protection Updates by 1, 3, or 5 hours. 


Important: Delays between Protection Updates may reduce the risk of encountering a false positive but increase vulnerability to zero-day threats. For more information, see Protection Updates Delay overview.


See also



Return to the Malwarebytes Cloud Platform Administrator Guide