One of the primary functions of Malwarebytes Cloud Platform is to keep you informed of malware-related activities on your endpoints. This article provides an overview of the Dashboard, Detections, and Quarantine screens. These screens provide information to help you understand what is happening in your environment.
The Dashboard provides a high level view of malware-related activities on your network. It presents a summarized view of the information displayed in more detail on other Malwarebytes screens.
The Dashboard view includes:
- Total managed endpoints, a list of statuses with total endpoints in each status, and the number of endpoints that haven’t been seen for over 7 days.
- Threats cleaned during the past 72 hours, broken down by Malware, Potentially Unwanted Programs, Potentially Unwanted Modifications, Ransomware, Exploits, and Websites.
- Tasks issued by the console over the past 24 hours, broken down by status: success, failure or pending.
- Threats detected during the past 90 days, broken down by Malware, Potentially Unwanted Programs, Potentially Unwanted Modifications, Ransomware, Exploits, and Websites.
- A bar graph showing Malware, Potentially Unwanted Programs, Potentially Unwanted Modifications, Ransomware, and Exploits by day, over the past 30 days.
- Number of suspicious activities detected in the last 24 hours, categorized by severity.
- List of Top 10 endpoints with the most detections over the past 90 days.
- List of Top 10 suspicious activities detected in the last 24 hours.
- List of Top 10 malware detections over the past 90 days.
- List of Top 10 Potentially Unwanted Programs over the past 90 days.
- List of Top 10 Potentially Unwanted Modifications over the past 90 days.
- List of Top 10 malicious/suspicious websites blocked in the last 24 hours.
Information shown on the Dashboard is current as of the time you access the Dashboard.
This screen provides a detailed list of all threats detected during a scan in the past 30 days. A bar graph shows the level of threat activity on each day in that period. Hovering over any date with detected threats shows a breakdown of types of threats detected on that day.
Click on the name of a detection to view details.
When clicking on filters, the filter list in the middle of the screen shows which filters are applied. Click on a filtered item to remove it, or Clear Filters to remove them all.
When a file is quarantined, it has been detected and isolated so that it can't harm your endpoints. The Quarantine screen allows you to view these items.
While Malwarebytes uses its best judgment whether a file is a threat, false positives are possible. You may also find items in Quarantine which are trusted files. Do not assume that the contents of Quarantine are either malicious or safe.
At the top of the screen, use the drop-down lists to filter items by threat Category or Time Period. Click on a threat name for details, or click an endpoint to jump to it's details screen.
While the Quarantine screen shows all quarantined threats across your network, the actual threats remain in an encrypted state on the endpoints where they were found. The quarantine location is a predefined folder on your endpoints.
- Windows endpoints: C:\ProgramData\Malwarebytes\MBAMService\Quarantine
- Mac endpoints: /Library/Application Support/Malwarebytes/NCEP/Quarantine/
You may perform the following actions on quarantined items from the console:
- Restore (Windows only): Moves the item from Quarantine to its original location on the endpoint. Use this for items known to be safe.
- Delete: Immediately and permanently destroys the file. This action is irreversible.
You may restore quarantined items on Mac endpoints by moving the file on the endpoint from Quarantine to the original location. This action not available from the console for Mac endpoints.
- Manage endpoints in Malwarebytes Cloud Platform
- Events and Tasks in Malwarebytes Cloud Platform
- Add endpoints in Malwarebytes Cloud Platform
Return to the Malwarebytes Cloud Platform Administrator Guide