Skip to main content
ThreatDown, powered by Malwarebytes

ThreatDown, powered by Malwarebytes
Formerly Malwarebytes for Business


What is ThreatDown, powered by Malwarebytes?

ThreatDown replaces the former Malwarebytes for Business product suite, combining Malwarebytes' endpoint security capabilities in four bundles. The basic Core tier includes incident response, Next-gen AV, device control, vulnerability assessments, and the ability to block unwanted application. Higher tiers include…

Read more
Recent Reviews

TrustRadius Insights

Malwarebytes Endpoint Protection is highly valued by organizations as a reliable solution for protecting end user machines against …
Continue reading
Read all reviews

Popular Features

View all 7 features
  • Centralized Management (13)
  • Endpoint Detection and Response (EDR) (13)
  • Anti-Exploit Technology (12)
  • Malware Detection (13)

Reviewer Pros & Cons

View all pros & cons
Return to navigation


View all pricing



On Premise
per year per endpoint



On Premise
per year per endpoint



On Premise
per year per endpoint

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $207 per year 3 devices (minimum)
Return to navigation


Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

Avg 8.4
Return to navigation

Product Details

What is ThreatDown, powered by Malwarebytes?

ThreatDown replaces the former Malwarebytes for Business product suite, combining Malwarebytes' endpoint security capabilities in four bundles. The basic Core tier includes incident response, Next-gen AV, device control, vulnerability assessments, and the ability to block unwanted application. Higher tiers include EDR and MDR services, managed threat hunting, patch management, website content filtering.

ThreatDown, powered by Malwarebytes Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo

Frequently Asked Questions

ThreatDown replaces the former Malwarebytes for Business product suite, combining Malwarebytes' endpoint security capabilities in four bundles. The basic Core tier includes incident response, Next-gen AV, device control, vulnerability assessments, and the ability to block unwanted application. Higher tiers include EDR and MDR services, managed threat hunting, patch management, website content filtering.

ThreatDown, powered by Malwarebytes starts at $207.

Reviewers rate Hybrid Deployment Support highest, with a score of 9.9.

The most common users of ThreatDown, powered by Malwarebytes are from Mid-sized Companies (51-1,000 employees).
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Malwarebytes Endpoint Protection is highly valued by organizations as a reliable solution for protecting end user machines against malware, ransomware, and other invasive threats. Users find the product dependable and appreciate its ease of deployment and policy management through the web portal. It effectively addresses the issue of malware slipping through the cracks of initial antivirus solutions by detecting and eradicating threats that are missed by traditional antivirus software. The product offers both anti-malware and anti-ransomware features, providing protection for all Windows-based equipment, workstations, and servers. Many users have found it beneficial to augment their existing antivirus solutions with Malwarebytes Endpoint Protection, which catches malware that may have been missed by those solutions. The centralized management system and detailed reports on access attempts that were blocked have proven to be valuable features. Moreover, the software performs above expectations in providing endpoint security and protecting against common threats like malware, spyware, and ransomware attacks. Users also appreciate the intelligent anti-ransomware capabilities and detailed reporting feature, which have been particularly useful in identifying and addressing malicious software. Additionally, the product's light footprint ensures minimal resource usage while delivering reliable performance. Furthermore, remote remediation has proven to be highly effective in resolving issues. In summary, Malwarebytes Endpoint Protection offers comprehensive protection against various forms of malware and provides a robust solution for organizations seeking reliable endpoint security.

Intuitive User Interface: Users have consistently found the user interface of Malwarebytes Endpoint Protection intuitive and easy to navigate. They appreciate the software's seamless design, allowing for easy access to all features without any confusion.

Convenient Scheduling Interface: Many reviewers appreciate the convenience of the scheduling interface provided by Malwarebytes Endpoint Protection. This feature allows for customized scans on multiple levels, making it easier to ensure comprehensive protection while minimizing disruptions during busy work hours.

Effortless Reporting via Management Web Portal: Reviewers commend the management web portal of Malwarebytes Endpoint Protection for its effortless reporting capabilities. Users can easily report malicious items through this portal, even accessing it from their cell phones if needed. This feature streamlines the process of managing and addressing security threats efficiently.


  1. Difficulty in Updating Software: Some users have found the process of updating Malwarebytes from one version to another challenging, requiring extra effort and time. They have mentioned that the update process could be more seamless and user-friendly.
  2. Poor Customer Support: Industry publications have reported negative reviews on Malwarebytes' customer support, indicating that some users have experienced slow response times and dissatisfaction with the level of assistance provided. Users have expressed frustration over delayed resolutions and a lack of effective communication.
  3. Limited End-User Functionality: Users have expressed that they find the end-user functionality of Malwarebytes to be limited, wishing for additional features to enhance their experience with the software. They would like to see improvements in customization options and advanced settings to meet their specific needs better.

Attribute Ratings


(1-13 of 13)
Companies can't remove reviews or game the system. Here's why
Score 1 out of 10
Vetted Review
Verified User
use to protect 10 computers plus 2 servers in a medical office. The idea was to protect against future virus attacks as our network had been breached in the past
  • scans for viruses
  • encourages installation and upgrades
  • has creative solutions for malware
  • poor customer service
  • dashboard says product is working EVEN THOUGH IT WAS NOT!
  • slow response to concerns that should be easy to remedy
  • creates baggage which caused certain computers and the network to run more slowly
  • caused 3 computers on our network top have windows errors and network issues
not appropriate if you want protection. My system stated ALL WAS PROTECTED---even though it had not been for 4 months!!

Caused 3 computers to crash and have windows errors and network errors. These errors were resolved immediately upon removing threatdown software.
Pete Maddox | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
We have clients with over 1,300 endpoints protected from malware and ransomware. But it seems we cannot protect our company from Malwarebytes. One reason I use MWB is to prevent monetary losses due to ransomware, credit card fraud, phishing scams, etc. But this time, it was MWB that got me.

I recently renewed the MWB EDR and Vulnerabilities license for a client with 88 endpoints. I was sent a link to their payment portal and made the payment for $6,821.76. That same day, MWB reversed that payment and posted a charge to my credit card for $13,643.52 - double the original charge. They sent me an invoice showing each item and the corresponding cost twice. They also sent me a receipt for the $13,643.52.

It's going on FOUR WEEKS and every time I email them asking where the refund is, they respond with an image of a credit memo and thanking me for my patience. They told me it was an issue with my bank. Then they told me they're checking with their bank. And they thank me for my patience.
  • Stops Ransomware Attacks
  • Blocks Hacking Attempts
  • Identifies Vulnerabilities and Required Patches
  • Protects Our Clients' Networks and Data
  • Their Accounting Department - STOP Double Billing My Company
  • Customer Support - Don't Thank Me For My Patience - Refund Our Money
  • Stop Saying It's The Bank's Fault Your Company Has Not Refunded The Unauthorized Charge To My Credit Card
We recently conducted a third-party Penetration Test, and Malwarebytes stopped them from gaining a foot hold on our client's network. We could see their attempts and failures to leverage vulnerabilities.
Score 10 out of 10
Vetted Review
Verified User
We use Malwarebytes Endpoint Protection on end user machines that are used by users who have broader permissions in business applications and also used by users who are more susceptible to clicking on malicious links, malicious attachments, etc. We only use it on a select number of end user machines.
  • Ease of administration
  • Visibility
  • Ease of implementation
  • Detection and removal of threats
  • Malwarebytes blocks access to malicious URL's, but the access isn't always user generated. It would be nice if Malwarebytes could help identify the source better.
  • Once in a great while, an endpoint that uses Malwarebytes disconnects from the Nebula console. This has only happened twice in the last 4 years, but it is inconvenient and not realized until a manual audit is done.
  • It would be nice if Malwarebytes would integrate with our RMM solution.
I think Malwarebytes is the best anti-malware company. I think it is well-suited for any situation and any device. I think Malwarebytes does the best on Windows and on MacOS. Also, Malwarebytes is always improving, and you can tell they are a company that stays on top of cybersecurity trends. If you have a tight budget or looking for the cheapest solution, then Malwarebytes may not be the solution for you. To clarify, I don't think Malwarebytes is that much more expensive compared to its closest competitors.
Vrej Anbarsoun | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
We switched to Malwarebytes Endpoint Protection after using several other antivirus systems, including McAfee, ESET, and Trend Micro. It's being used across the entire organization. We rely on it to keep our machines safe from malware, spyware, and ransomware attacks. So far, it's been pretty reliable and has a very light footprint, so it doesn't use up many resources. We've been using it for two years so far, and no complaints.
  • Light footprint
  • Affordable
  • Can be used in conjunction with Windows Defender or other third-party antivirus solutions
  • End user functionality is limited--can only launch scans. Would be nice to offer more features for the end user.
  • Some updates must be done or at least approved manually, instead of automatic updating.
  • It catches some false positives, so they need to tone down the aggressiveness somewhat.
Malwarebytes Endpoint Protection has offerings for end users all the way to large corporations, so pretty much anyone can benefit from their great technology. The end user software is very customizable and configurable, while the endpoint agents meant for corporations are more locked down and have limited functionality (for the end users). However, admins have full control and visibility into the agents, and agents can even be remotely installed and uninstalled, and installed via Active Directory GPO--a nice feature!
Mauro Biefeni | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Malwarebytes Endpoint Protection is being used to protect all desktop and laptop PCs in our organization, as well as multiple physical and virtual Windows servers.

Malwarebytes addresses the issues of malware and ransomware by doing an excellent job of protecting all systems within our network as well as users' portable laptops. In a world where ransomware is becoming a daily issue for mid to large-sized companies, this is an insurance policy that every company needs to have.
  • Protects against malware - No matter how much training you give end users on social hacking, there is always a breach at some point.
  • Protects against ransomware - Ransomware could spell disaster for a could literally shut the doors for good.
  • Centralized administration - Without a terrific centralized method to manage all the systems being protected, it would require an extra position just to maintain all endpoints.
  • The main con for me is trying to find a con to complain about. I simply cannot think of anything negative I have to say about MalwareBytes in the experience I have had with them to date.
I would absolutely recommend Malwarebytes Endpoint Protection to a colleague and I have recommended it to many of my peers in the IT world. Malwarebytes is well suited for any environment that requires protection from mal/ransomware which is most companies these days. In particular for companies that host their own big data that the operation of the company relies on.

The only place Malwarebytes Endpoint Protection may not be AS appropriate would be one where there is near zero reliance on computers, networks and data.
Score 10 out of 10
Vetted Review
Verified User
BC Systems is using Malwarebytes Endpoint as our primary platform to protect our network against virus, trojan's, and any other invasive threat in real time. We implemented this software two years ago and have not had any intrusions since. The Malwarebytes GUI offers a report which shows all of the access attempts that were blocked by the software. You can customize the report to an individual user or your entire network. You can see the benefit of your purchase every time you inspect the report.
  • The GUI is intuitive and easy to navigate.
  • It is easy to install and see your protection immediately.
  • The price is comparable to competitors.
  • I have not found any since using this software.
Simply install the software and let it run. It will actively inspect every packet entering your network. If the access attempt is unauthorized it will be blocked and logged for review. Review the report often and you can find where your network is weakest. Then you can focus your efforts on where it is needed most.
Sizwe Mlotshwa, CSAE | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Initially we had a lot of malware slipping through the cracks of our initial antivirus solution. After trialing Malwarebytes, we were satisfied with the results and proceeded to make the purchase. We found that Malwarebytes detects and eradicates threats that are missed by traditional antivirus solution.
  • Simple Licensing scheme
  • Ease of setup
  • Ease of management
  • Reporting
  • Threat remediation
Malwarebytes Endpoint Protection proved to be near ideal for a secondary solution. Running it in conjunction with a traditional antivirus solution provides the best endpoint protection in my experience. Also, even though the reports are a bit lacking in detail, they still make a good starting point when investigating incidents.
Score 9 out of 10
Vetted Review
Verified User
While we use Webroot Enpoint Protection on our MSP clients, we augment that protection with Malwarebytes. If Webroot allows any malware through, Malwarebytes catches most everything else. We routinely run sweeps/scans with Malwarebytes as our final authority on the cleanliness of our machines.
  • Scan can be customized on many levels.
  • Convient scheduling interface.
  • GUI is very intuitive an easy to use.
  • Updates from one version to another can be challenging. Regular updates are a must.
  • We have not had any issues, but Malwarebytes has gotten some poor reviews on their support in industry publications.
For environments where users have significant interaction with web-based applications and resources, it is ideal to reinforce your AV solution with Malwarebytes. For largely internal resources, it is not as impactful, but still provides added insurance against infection.
Score 9 out of 10
Vetted Review
Verified User
We have been using Malwarebytes for 4 years across our whole organization. Nowadays, ransomware, spyware, and malware are a big threat. Being in an engineering consulting business, our users are bombarded with so many emails every day, sometimes with phishing links. It became so important for us to protect ourselves from these types of attacks, so we decided to buy Malwarebytes. Since then, it is doing an excellent job.
  • The biggest plus with this software is that you can manage all the clients from a management console. You can push the install/updates through it. If the client cannot connect to the management console, then it will update directly from their website. This means you are always up to date and protected.
  • The software on the client machine has very low overhead so it doesn't affect the performance.
  • You can create policies based on the types of users or by the department. You can customize these policies so it will let you micro-manage the clients.
  • When you push install to clients, sometimes it will fail with generic errors, and it's hard to find out what is the cause of failure. Fortunately, it doesn't require too many changes on the client-side but it takes time to figure it out.
  • When we bought it, we had an option to buy it with email support or phone support. The phone support was very high priced, so we ended up buying email support. when we experience any issues, it takes a long time to get a resolution. Fortunately, we haven't used their support much.
  • It had a few incidents with false calls. We are using software that generates reports in MS Word format. The software will call Word to open with a report, but the anti-exploit will consider this as a threat and will block the function. You can put Word in an exception but it won't protect Word from a real exploit in the future.
This software is doing an excellent job. The management console and low overhead on the end-user computer is a big plus. You can buy the licenses in packs. The software is a bit pricey, so if you are on a tight budget then you need to look for a different solution.
Score 10 out of 10
Vetted Review
Verified User
It was used on a trial basis for a few months on about 20-30 machines (combination of end user and server devices). It filled gaps left by our main AV solution, in particular it was able to detect a number of malware strains that our existing AV had not detected. It also has very intelligent anti-ransomware capabilities, and the feature that can show the highly detailed report of what a particular process has done (what it's spawned, files modified, URLs accessed etc) when it's ran on a machine is highly useful in identifying malicious software from false alarms. The remote remediation has also proven to be highly effective
  • Anti-ransomware; the rollback feature, and the ability to stop ransomware in it's tracks would be highly valuable in the event of a ransomware infection reaching a machine. It can block a machine from communicating on the network, prevent the infection from modifying any more files, and allows for a full machine rollback to prior to the infection if required.
  • The management console gives you a lot of information on the target machine, including general asset details, as well as infection details. It also has very effective remote management and remediation tools.
  • The remote deployment tool could do with a little work; occasionally there would be errors deploying it to a remote asset, and the errors were not especially clear on what the issue was. The deployment tool also requires the install files to be downloaded onto the machine you are running the tool from, rather than being able to pull from a server location. The installer is also just an executable that you launch each time you want to install.
  • Firewall capability isn't really present in the product as it stands, which is why it's running in tandem with our current solution.
It's well suited to most environments, however, it has some compatibility issues if you need to deploy it to older operating systems that are out of support (which is understandable of course). If you work in an environment where you have older OS's in the business, the client may not be able to be installed remotely, or at all (depending on the OS). However, if the product supports the OS's you run, it's a very good product to invest in for peace of mind. I was also able to run it on the servers with no impact on their performance
John Fester | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We utilize Malwarebytes Endpoint Protection in our organization site-wide. All servers & workstations are deployed with Malwarebytes Endpoint Protection on all levels. I love this product so much because it is dependable, and everything from stage 1 of deployment to finalizing policies is super easy and done from the web portal. No need to install a local server management console any more with Malwarebytes Endpoint Protection! Why do I trust Malwarebytes? Because we have not been infected or breached while using it.
  • The initial setup with Malwarebytes Endpoint Protection is speedy and straightforward since you do not have to dedicate a server for the management side of it - it is cloud-based!
  • Reporting of malicious items is a breeze from the management web portal. I can quickly review items from my cell phone as I walk through the office, from home or wherever I am and need to check on these items. Other systems require you to VPN to your office, open software, log in, and start reviewing. But being cloud-based makes this so much simpler!
  • I would like to see Malwarebytes Endpoint Protection create the ability to setup other admins of the system with restrictive access to only review items, but not be able to deploy machines or change the policies.
  • There is an area in the admin center when you are reviewing deployed machines. You are unable to sort or search by Computer Name/Host Name. This would help to quickly locate specific devices since we do not try to memorize IP addresses used by workstations.
I will always recommend Malwarebytes Endpoint Protection because it has not failed my company. We have detected more infections as a result of using other security software and scanned to compare findings with Malwarebytes Endpoint Protection. It is scary when Malwarebytes Endpoint Protection finds things that your existing software did not see and are real vulnerabilities. The minimal amount of resources it uses to protect your environment actively is fantastic! We eliminated an entire server by switching to Malwarebytes Endpoint Protection from competitors' solutions, as they all require a dedicated server to install the admin management software on. With Malwarebytes Endpoint Protection Cloud, everything is in the cloud, and you do not need a server for this!
Score 10 out of 10
Vetted Review
Verified User
We use Malwarebytes Endpoint Protection and Response across 26 companies. It has performed above expectations for endpoint security and protecting against malware, ransomware and exploits.
  • The cloud console is easy to navigate and allows for easy management and reporting on the endpoints. It allows us to grey list suspicious files and activity until we can vet these items can be moved to a whitelist.
  • The layers of protection Malwarebytes offers allows for different method to keep our endpoints clean from Malware, exploits and ransomware. The ransomware rollback feature is a great way to mitigate these type of threats.
  • Deployment is easy and effective to allow for a smooth deployment to new endpoints.
  • We have not experienced any areas that we would deem room for improvement. Malwarebytes is always working on making the product better and have a solid road map for the future threats we will face.
Malwarebytes Endpoint Protection and Response is capable of working in all sizes of businesses. It lends itself useful to administrators with little to no knowledge to the very astute.
Score 5 out of 10
Vetted Review
Verified User
We utilize Malwarebytes Endpoint Protection (Premise-based) for the whole organization. Its anti-malware, anti-exploit, and anti-ransomware provide protection for all our Windows-based equipment, workstations, and servers. We need a product that provides both protection and centralized management and offers more protection than an anti-virus product with extra, less focused features like Symantec Endpoint Protection.
  • Great protection for end points.
  • Automatic definition updates without the need to contact the management server.
  • Anti-exploit program self updates without the need to contact the management server.
  • Supports group policy deployment.
  • Supports email alerts.
  • Works alongside anti-virus programs without issues.
  • Usable on Windows servers and Windows workstations.
  • Limited Apple support (remediation only).
  • Premise based management tool no longer the focus of development in favor of new cloud based protection.
  • Can't migrate to cloud based protection easily and requires different licensing.
  • They released a definition package last year that caused all systems that received it to block all network access, inbound and outbound. The repair process was manual and took 15 minutes per machine to fix. The only way to learn about it was from their website and it was not easy to determine that Malwarebytes was the cause.
  • Management tool does not auto-update client programs. You need to either perform a push update or update your GPO program deployment for the new package.
  • Email alerts about clients only come in after the workstation has sent an update to the management server. The management server is not accessible over the internet, so reports from remote users can take days after the incident.
  • The anti-exploit module does not like any JAVA programs. Barracuda JAVA VPN and Supermicro SuperDoctor get blocked. There is no exception list, so you have to disable protection.
  • You can not make exclusions for programs you need protection to be disabled for.
  • Some programs can be disabled by end users.
  • No notification process to inform you of new updates for end user applications or the management system.
Malwarebytes Endpoint Protection is good for companies that do not have a very small mobile workforce. It is also acceptable for companies where their mobile workforce is constantly connected to a corporate VPN. It does require weekly manual monitoring to make sure all endpoints and all applications including the management service are up to date.
Return to navigation