Nebula
This contains a limited feature set that allows Nebula administrators to view their console and take action on threats while away from their desks.
What is the ThreatDown Admin app?
Assess threat exposure by identifying and prioritizing action against software vulnerabilities by matching them against an up-to-date inventory of installed drivers, software and operating system modules.
What is Vulnerability Assessment?
This particular EDR policy setting must be enabled for us to observe the behaviors of processes, registry, file system, and network activity on the endpoint using a heuristic algorithms looking for deviations.
What is Suspicious Activity Monitoring?
Protects endpoints by limiting end user ability to uninstall Malwarebytes. This also prevents malicious threats from stopping, modifying, or deleting Malwarebytes.
What is Tamper Protection?
Expands ThreatDown’s best-in-class support with faster response time SLAs, extended support availability, and more.
What is Premium Support?
This feature evaluates your environment and provides customized recommendations based on an analysis of your Nebula configuration.
What is the Nebula Security Advisor (SAM)?
Ensuring defenses are up to date across your ecosystem by accelerating identification, deployment, installation, and verification of operating system and application code revisions, across device operating systems and a wide range of third-party applications.
What is Patch Management?
The capability that allows freeform threat hunting across all devices managed by EDR.
What is Flight Recorder Search?
Traces every installation, modification, and process, including in-memory executables that others miss, to ensure thorough remediation, prevent reinfection, and reduce costs and efforts.
What is Malwarebytes' proprietary Linking Engine (Remediation Engine)?
This ThreatDown protection stops intrusive ads and tracking scripts to increase browser speed and employee productivity.
What is Browser Phishing Protection?
This interface lets administrators automate tasks, integrate with other tools, access reports, and manage their ThreatDown tenant.
What is ThreatDown APIs?
This Nebula module protects your endpoints by preventing unauthorized software from executing across your endpoints.
What is Application Block?
The 3 modes of Endpoint Isolation.
What is....
1. Network Isolation: Prevent the endpoint from communicating with other devices on your network.
2. Process Isolation: Restrict which processes can run on the endpoint and prevent processes from interacting.
3. Desktop Isolation (Windows only): Prevent end users from accessing the endpoint.
This Endpoint Detection and Response feature can be used to upload a file within the Nebula console and receive a comprehensive report on the item, indicating if the file is malicious or not.
What is Sandbox Analysis?
After 13 consecutive quarters of unmatched success, ThreatDown was first and only winner of this award in March 2025.
What is the MRG Effitas Product of the Year Award?
This dual security method to authenticate users can be enabled to protect your account in case your login credentials are compromised.
What is Multi-Factor Authentication (MFA)/2-Factor Authentication (2FA)?
Threats flagged by this Module's AI or reported by users are automatically grouped, categorized, and managed by our machine learning engine. This fully automated remediation process greatly reduces the time and effort required for threat mitigation.
What is Email Security?
These EDR features are available for MacOS and Linux.
What is...
Suspicious Activity Monitoring
Flight Recorder Search
Network Isolation
Process Isolation
What are the 2 Matching-Based Protection Layers in Endpoint Protection?
What is...
1. Web Protection: Helps prevent access to malicious websites, ad networks, scammer networks
2. Payload Analysis: Anti-malware technology designed to identify entire families of known and relevant malware with heuristic and behavioral rules
This year's annually released report uncovers how attackers are evading detection with stealthier tactics and how to protect your business from the latest threats.
What is the 2025 State of Ransomware Report?
The 3 default schedules provided "out-of-the-box" for every new tenant.
What is....
Daily Software Inventory Scan
Daily Detection Threat Scan
Weekly Detection Custom Scan
This Module limits the number of domain-based threats on a network. This ensures their data remains secure while allowing control over what employees can access regardless of the connected network.
What is DNS Filtering?
Ability to investigate attacks, collect forensic data, and remediate detections on remote endpoints. Authorized Super Admins can securely access their endpoints remotely with Malwarebytes Nebula.
What is Active Response Shell?
What are 3 of the 5 Behavior-based Protection Layers in Endpoint Protection?
What is...
1. Application Hardening: Reduces vulnerability exploit surface and proactively detects fingerprinting attempts used by advanced attacks
2. Exploit Mitigation: Proactively detects and blocks attempts to abuse vulnerabilities and remotely execute code on the endpoint
3. Application Behavior: Helps prevent applications from being leveraged to infect the endpoint
4. Anomaly Detection Machine Learning: Proactively identifies unknown viruses and malware via machine learning techniques
5. Ransomware Mitigation: Detects and blocks ransomware identified via behavioral monitoring technology
When login attempts are made through Windows protocols, this feature counts unsuccessful login attempts within a specified period of time and temporarily blocks the incoming IP address by creating a Windows Firewall block rule.
What is Brute Force Protection?