Skip to content

Malwarebytes Incident Response

Malwarebytes Incident Response is a threat detection and remediation tool built on a highly scalable, cloud-based management platform. It scans networked endpoints for advanced threats including malware, PUPs, and adware and thoroughly removes them.


To begin using Malwarebytes Incident Response in your Support Group, send a request to OIT Device Engineering via ServiceNow to acquire a Malwarebytes Group Code, necessary for configuring endpoints to be associated to your Support Group. By default, only the initial requester of a Group Code will be added to the Malwarebytes Cloud Console; additional Support Group members can be added to the Console upon request.


Once given a group code, the Malwarebytes Incident Response agent is primarily distributed using either BigFix, Jamf Pro, or Configuration Manager. See the appropriate package within each of these tools for more specific information. Custom, Support-Group-specific offline installers can be created and provided on request.

Once installed, the agent reports to the Malwarebytes Incident Response console (NetID and access privileges required).


Information on default policies, viewing scan activity, and more can be found on the Endpoints@Duke wiki.