Security Events
The Security Events section displays information regarding detections made by Bitdefender protection modules and relies on the Event Push Service API from GravityZone Control Center.

The following security events are available with the Bitdefender Plugin:
Advanced Threat Control
Advanced Anti-Exploit
Antimalware
Antiphishing
Endpoint Detection and Response
Hyper Detect
Network Attack Defense
Ransomware Mitigation
Web Traffic Scan
Each event corresponds to an alert you can configure in Tools > Bitdefender GravityZone > Configuration > Alert Settings.
Security events also have associated monitors. For details on how to operate them, refer to Monitors.
The Security Events section is available on the Client, Location and Computer screens.
Advanced Threat Control
This page displays information regarding to detections made by the Advanced Threat Control module. It includes details such as:
Computer name
Process path
Exploit type
Process status
When the threat was last blocked
Advanced Anti-Exploit
This page displays information regarding to detections by the Advanced Anti-Exploit module. It includes details such as:
Computer name
Technique
Action taken on the exploited process
Process ID
Process path
Parent process ID
Parent process path
CVE
Detection time
Antimalware
This page displays information regarding to detections made by the Antimalware module. It includes details such as:
Computer name
Malware name
Malware type
Infection status
Infected file name
Detection time
Antiphishing
This page displays information regarding to detections made by the Content Control module. It includes details such as:
Computer name
Threat type
URL
Status
Timestamp
Endpoint Detection and Response
This page displays information regarding incidents monitored and reported by the Endpoint Detection and Response module. The main details include:
Location (available in the Client screen)
Computer name (available in the Client and Location screens)
Incident ID
Detection name
ATT&CK techniques
Severity
Main action taken
Last time the incident was updated with new information
Reporting on EDR incidents is much more complex. You can find all the details in the tickets generated by these incidents in the Service Desk > Tickets section of the ConnectWise Automate Control Center. Learn how tickets are generated in ConnectWise Automate and ConnectWise Manage in this article.
Hyper Detect
This page displays information regarding to detections made by the Hyper Detect module. It includes the following details:
Location
Computer name
Malware type
Malware name
File path
Fileless attack (yes or no)
Attack type
Status (action taken)
Detection time
Network Attack Defense
This page displays information regarding to detections made by the Network Attack Defense module. It includes details such as:
Computer name
Attack technique
Detection name
Victim’s IP address
Attacker’s IP address
Port
Action taken by Bitdefender
Ransomware Mitigation
This page displays information regarding to detections made by the Antimalware module. It includes details such as:
Computer name
Attack type
Ransomware source
The number of encrypted files
Detection time
Web Traffic Scan
This page displays information regarding to detections made by the Content Control module. It includes details such as:
Computer name
Threat type
URL
Timestamp
Access to website