Skip to main content

Full Disk Access is not allowed for Bitdefender Endpoint Security Tools in macOS

Abstract

This article describes how to troubleshoot the “You are at risk. Full Disk Access is not allowed!” warning message displayed by Bitdefender Endpoint Security Tools.

This article describes how to troubleshoot the “You are at risk. Full Disk Access is not allowed!” warning message displayed by Bitdefender Endpoint Security Tools in macOS.

Issue

When opening the main window of Bitdefender Endpoint Security Tools on Mac, the security agent displays the following error message:

You are at risk

Full Disk Access not granted! Bitdefender requires permissions for these modules to work properly: Advanced Threat Control, Antimalware On-Access, Endpoint Detection and Response, and Patch Management modules.

Open Privacy and allow Full Disk Access for these files:

EndpointSecurityforMac

BDLDaemon.app”

Important

Starting with version 7.16.42.200020, the agent no longer requires Full Disk Access for the EndpointSecurityforMac process.

best_mac_issue_fda_67912_en.png

This issue occurs due to protection mechanisms introduced by Apple starting with macOS Mojave (10.14) that block applications from accessing system folders and resources such as Mail, Messages, Safari, and Time Machine backups.

Without Full Disk Access permissions, Bitdefender Endpoint Security Tools cannot scan these protected folders and the message will appear until you fix the issue.

Solution

To allow Full Disk Access for Bitdefender files, follow these steps:

  1. In the BEST main window, click the Open Privacy button.

    This action opens the system settings window on your Mac.

  2. In the Settings > Privacy & Security window, go to the Full Disk Access page.

  3. In the Full Disk Access list, toggle the switches to activate BDLDaemon and EndpointSecurityforMac.

    best_mac_allow_fda_67912_en.png
  4. Enter your Mac username and password and click Unlock to allow changes.

Once the Bitdefender files have Full Disk Access permissions, the BEST main window displays the message: Your Mac is safe.

Note

  • On older macOS versions, EndpointSecurityforMac and BDLDaemon are displayed as EndpointSecurityforMac.app and BDLDaemon.app. In case of a network with various macOS versions, we recommend to allow all these files to make sure you also cover older Macs. The path to these files on the system is /Library/Bitdefender/AVP/product/bin

  • To be fully functional, Bitdefender Endpoint Security Tools requires kernel extension approval in macOS. For details, refer to this topic.

  • In macOS Big Sur (11.0), Apple replaced kernel extensions with a new generation of system extensions. To accommodate this change, Bitdefender Endpoint Security Tools requires additional approvals from users. For details, refer to this topic.

  • For details on how to configure Jamf Pro for macOS Big Sur 11.0 and later, including system extensions, traffic proxy and full disk access, refer to this topic.