Stop email-based threats before they enter your network

Watch GravityZone Security for Email video overview

GravityZone Security for Email provides businesses comprehensive email security and protection from known and emerging threats, including impersonation attacks, Business Email Compromise (BEC), CEO fraud, phishing, ransomware and more. 

For MSPs, the multi-tenancy management features, monthly licensing and usage reports help streamline tasks and deliver operational efficiencies.

See More
email protection

Complete Email Security

Multiple scanning engines and technologies ensure enterprise-class threat detection that’s easy for businesses of any size to implement and manage.

email fraud protection

Stops Fraud

Blocks non-malware threats such as credential phishing, BEC attacks, CEO fraud and more.

Cybersecurity management

Full Control

Provides complete control over mail flow, supports multiple email providers and seamlessly integrates with Microsoft 365.

Capabilities & Benefits

multi-layered email security

Multiple security engines use a combination of advanced technologies to detect spam as well as more sophisticated, targeted phishing and impersonation attacks.

Complete mail flow security

A powerful policy engine enables control over email delivery and message filtering based on attributes such as size, source, destination, keywords and more.

suspect behavioral analysis

Leverages advanced behavioral analysis that includes more than 10,000 algorithms analyzing more than 130 variables extracted from each email message, for strong threat detection and prevention.

real time security

Time-of-click protection rewrites links in messages and protects employees in real-time by blocking and warning users of malicious links.

Sent emails security

Outbound filtering helps control content in outgoing messages to prevent IP blacklisting.

Complete control

Advanced mail routing engine provides complete control over mail flow and supports multiple email providers, all in a single domain.

GravityZone Security for Email Architecture

Our solution is 100% cloud-based and easy to deploy. Our policy engine uses multiple AV engines, including static sandboxing of file attachments, and offers a full analysis of inbound and outbound email analysis using unlimited keyword lists.

GravityZone Security for Email architecture - how it works

GravityZone Security for Email

Multi-layered email security for businesses and MSPs that protects across all business email service providers.


Advanced Threat Intelligence

Combines traditional pattern message attributes and characteristic matching with algorithmic analysis to deliver the ultimate threat detection and protect networks against targeted email attacks - with almost no false positives.

Multi-Layer Scanning

Multiple traditional signature and behaviour based AV and anti-spam engines can detect all forms of malware and spam, including zero-day variants.

Deep Analysis & Inspection

A deep analysis by the multi-scanning engines inspects all aspects of emails, including their size, content, attachments, headers, sender, recipients and links, then automatically takes actions such as deliver, quarantine, re-route, notify or reject the email.

Management & Control

IT administrators have full control to customize how mail flows in and out of the organization, create unlimited keyword lists, and use rules to analyze messages and act based on confidential or sensitive information.

Industry Recognition

Bitdefender is recognized by industry analyst firms and independent testing organizations.

  • Gartner logo
  • Forrester
  • Gartner Customer Choice 2024
  • Mitre Engenuity
  • AV Test
  • AV Comparatives
Andrew Black's (CIO) - testimonial email security

“I’m all about streamlining, simplifying, and making things consistent across the board.
So, Bitdefender was a great opportunity to consolidate and manage our endpoint and email security across our physical and Azure cloud environments from one console.”


Andrew Black

Chief Information Officer, A-Core Concrete Specialists

Why do businesses need email security?

Email remains the most common channel for opportunistic and targeted attacks, as well as a significant source of data loss. According to research from the Radicati Group, 94 percent of malware is received via email.

How is email used by hackers to carry out attacks?

In most cases, email is the first to deliver:

1.     The initial URL, in the form of a link to an exploit kit or phishing website.

2.     The attachment, in the form of a dropper or payload. 

3.     The starting point for a social engineering attack, such as in the case of BEC or credential phishing attacks.

Isn’t standard endpoint protection enough?

Email threats have become sophisticated enough to evade detection by traditional email security technologies, particularly those that rely only on standard antivirus and reputation. Email threats are also converging with other threats, combining social engineering, identity deception, phishing sites, malware, and exploits to evade standard email security solutions and infiltrate organizations.

What is Business email compromise/ CEO Fraud?

Business email compromise (BEC), also known as CEO fraud, is when an attacker pretends to be someone they aren’t on email, typically a company executive or senior manager, to convince an employee to divert funds into a bank account controlled by the attacker or to trick them into sharing sensitive data with the attacker. These types of payroll diversion scams accounted for $8 million in fraud losses in 2019. 

Why should I choose GravityZone Security for Email?

GravityZone Security for Email provides the best protection against impersonation and social engineering attacks, spear-phishing, malware and ransomware.

When integrated with your cloud-based email service, GravityZone Security for Email filters your organization’s email before it hits your endpoints, which increases the likelihood of preventing harmful emails from ever entering your network in the first place. 

How do I get started with GravityZone Security for Email

GravityZone Security for Email is available as an add-on to the GravityZone cloud console. Simply change MX records to re-route inbound email through Bitdefender’s cloud email security servers.

For outbound filtering, configure smart hosts to re-route email. For more details, check out our installation guides for organizations and MSPs.

Does GravityZone Security for Email include reporting tools?

GravityZone Security for Email includes spam digest reports, audit reports and top trend reports. In addition, a report builder allows administrators to define their own reports that can be saved and exported.

How does GravityZone Security for Email protect against impersonation attacks, spoofing and CEO fraud?

GravityZone Security for Email leverages key sender authentication methods such as SPF, DKIM and DMARC, in combination with executive tracking lists that can detect users’ real names within header and envelope address fields to help protect against sophisticated impersonation and CEO fraud attacks.

What filtering accuracy rates can I expect from GravityZone Security for Email?

GravityZone Security for Email is proven to have high virus and spam filtering accuracy. The superior protection provided by Bitdefender security solutions is backed by independent lab tests and confirmed by our customers.  

General Requirements

To prepare for GravityZone Security for Email configuration, you need to meet the following requirements:

·       Access to GravityZone Control Center

·       GravityZone Security for Email add-on license key

·       Gather setup information:

            o     Organizational mailboxes

            o   Routing information for inbound/outbound mail delivery

·       Supported Browsers:

            o   Microsoft Edge 17+

            o   Google Chrome 60+

            o   Mozilla Firefox 60+

            o   Apple Safari 12+

·       Other requirements:

            o   JavaScript must be enabled.

            o   IFRAME support is recommended for some sections of the dashboard.

It is recommended that Ad Blocker plugins are disabled when accessing the Email Security console.

AD Connect Requirements

To prepare for AD Connect installation and configuration, you need to meet the following requirements:

·       Operating System:

            o   Windows Server 2008 R2 (x64)

            o   Windows Server 2012 (x64)

            o   Windows Server 2012 R2 (x64)

            o   Windows Server 2016 (x64)

            o   Windows Server 2019

·       Other software requirements:

            o   Microsoft .NET Framework 4.5

GravityZone Security for Email - Datasheet

GravityZone Security for Email Datasheet (Integrated)  

Read More
Read More Datasheet 

GravityZone Security for Email - Datasheet MSP security

Read More