Skip to main content

Welcome to GravityZone

GravityZone is a multilayered security solution that provides enhanced attack protection by leveraging an extensive set of systems hardening, threat prevention, and detection technologies, as well as machine learning and behavioral analysis.

Explore the onboarding guide and take your first steps in using your GravityZone product.

Optimize remote work protection, enhance resistance to sophisticated ransomware attacks and data breaches, and keep risks at bay with a comprehensive solution created with your security in mind.


Bitdefender employs advanced cybersecurity measures such as security content scanning and heuristic analysis (B-HAVE, ATC) to safeguard against a wide range of malicious software.

The scanning technique involves comparing scanned material with an up-to-date security database, however, there exists a vulnerability period between the emergence of new threats and the release of fixes.

Bitdefender's cybersecurity tool, B-HAVE, identifies potential malware by analyzing behavioral patterns and executing suspicious files in a secure virtual environment to evaluate their effects on the system.

For more information regarding this feature refer to Antimalware.

Advanced Threat Control

To safeguard against cybersecurity threats that manage to evade the heuristic engine, an additional level of security is implemented through Advanced Threat Control.

Advanced Threat Control constantly observes active processes and evaluates suspicious actions such as: disguising the process type, performing code execution in the memory space of another process (seizing process memory for privilege escalation), reproducing, depositing files, evading detection from process enumeration applications, etc.

For more information regarding this feature refer to Advanced Threat Control.


HyperDetect is a cybersecurity feature that provides an extra layer of protection against sophisticated cyberattacks and potentially harmful actions during the pre-execution phase.

HyperDetect, utilizes advanced machine learning models and stealth attack detection technology to safeguard against various cyber threats, including zero-day attacks, advanced persistent threats (APT), obfuscated malware, fileless attacks, credential stealing, targeted attacks, custom malware, script-based attacks, exploits, hacking tools, suspicious network traffic, potentially unwanted applications (PUA), and ransomware.

For more information regarding this feature refer to HyperDetect.

Advanced Anti-Exploit

Advanced Anti-Exploit, powered by machine learning, is a proactive technology that prevents zero-day attacks executed through evasive exploits. TheAdvanced Anti-Exploit technology detects and prevents the newest cyber-attacks in real-time, while also addressing memory corruption vulnerabilities that may bypass other security measures.

It safeguards frequently utilized applications, including browsers, Microsoft Office, and Adobe Reader, among others, along with any additional ones that come to mind. It monitors system processes and safeguards against cybersecurity threats such as unauthorized access and process hijacking.

For more information regarding this feature refer to Advanced Anti-Exploit.


The Firewall regulates the network and Internet access of applications. The system grants automatic access to a comprehensive database of verified and authorized applications. In addition, the firewall has the capability to safeguard the system from port scanning activities, limit ICS functionality, and provide notifications when novel nodes are added to a Wi-Fi network.

For more information regarding this feature refer to Firewall.

Network Attack Defense

The Network Attack Defense module is powered by Bitdefender technology that specializes in identifying network attacks that are intended to infiltrate endpoints through various techniques, including brute-force attacks, network exploits, password stealers, drive-by-download infection vectors, bots, and Trojans.

For more information regarding this feature refer to Network Attack Defense.

Patch Management

The Patch Management feature, seamlessly incorporated within GravityZone, ensures that both the operating systems and software applications are always up-to-date. It also offers a comprehensive overview of the patch status for all your managed Windows and Linux endpoints.

The Patch Management module includes several features, including on-demand and scheduled patch scanning, automatic and manual patching, and missing patch reporting.

For more information regarding this feature refer to Patch Management.

Integrity Monitoring

The process of Integrity Monitoring involves a comprehensive evaluation and authentication of modifications executed on Windows and Linux endpoints, with the aim of determining the soundness of various entities.

The operational mechanism of Integrity Monitoring is based on both pre-defined rules, which are provided by Bitdefender, and bespoke rules.

Integrity Monitoring is designed to respond to events that are triggered for various system components such as files, folders, registry entries, users, services, and installed software, in accordance with the established guidelines.

For more information regarding this feature refer to Integrity Monitoring.

Content Control

The Content Control module helps enforce company policies for allowed traffic, web access, data protection and applications control.

Administrators can define traffic scan options and exclusions, schedule web access while blocking or allowing certain web categories or URLs, configure data protection rules and define permissions for the use of specific applications.

For more information regarding this feature refer to Content Control.

Device Control

The Device Control module effectively mitigates the risk of sensitive data leakage and malware infections that may result from external devices connected to endpoints.

This is achieved through the application of blocking rules and exceptions via policy, which covers a wide range of device types including but not limited to USB flash drives, Bluetooth devices, CD/DVD players, and storage devices.

For more information regarding this feature refer to Device Control.

Full Disk Encryption

With the implementation of this protective layer, you can enable comprehensive disk encryption on endpoints. This is achieved through the efficient management of BitLocker on Windows, and FileVault and diskutil on macOS.

GravityZone enables users to effortlessly encrypt and decrypt both boot and non-boot volumes with minimal intervention.

The entire process is seamlessly handled by the software, ensuring a hassle-free experience. GravityZone also retains the requisite recovery keys for unlocking volumes in the event of user forgetting their passwords.

For more information regarding this feature refer to Full Disk Encryption.

Security for Exchange

Security for Exchange offers a comprehensive suite of security features, including antimalware, antispam, antiphishing, attachment and content filtering.

These features are fully integrated with Microsoft Exchange Server, resulting in a secure messaging and collaboration environment that enhances productivity.

The cutting-edge antimalware and antispam technologies provide top-notch protection for Exchange users and effectively safeguard against the most advanced malware whilst preventing unauthorized access to sensitive user data.

For more information regarding this feature refer to Security for Exchange.

Sandbox Analyzer

The Sandbox Analyzer offers robust protection against sophisticated hazards through its automated and thorough evaluation of dubious files that lack Bitdefender antimalware engine signatures.

Utilizing a comprehensive suite of Bitdefender technologies, the sandbox effectively executes payloads within a secure virtual environment provided by Bitdefender. This process enables the analysis of behavioral patterns and detection of any system alterations that may indicate malicious intent.

The Sandbox Analyzer feature facilitates the automatic submission of potentially malicious files that are present on managed endpoints, but remain concealed from antimalware services that rely on signature-based detection methods. The submission process is initiated by specialized heuristics that are integrated into the Antimalware on-access module of Bitdefender Endpoint Security Tools.

For more information regarding this feature refer to Sandbox Analyzer.

eXtended Detection and Response

eXtended Detection and Response, short for eXtended Detection and Response, is a sophisticated cross-company event correlation component. It has the ability to detect advanced attacks across multiple endpoints in hybrid infrastructures, including workstations, servers, and containers, running on various operating systems.

This solution is designed to assist your incident response teams in their endeavors to investigate and address sophisticated threats. eXtended Detection and Response is a streamlined and inter-organizational solution that empowers users gain insights into network-wide incidents and mitigate their impact on your environment by accessing the extended incident view.

For more information regarding this feature refer to eXtended Detection and Response (XDR).

Endpoint Detection and Response

Endpoint Detection and Response, Endpoint Detection and Response is a cybersecurity solution that provides real-time monitoring and response capabilities to detect and prevent cyber threats on endpoints such as laptops, desktops, servers, and mobile devices.

The Endpoint Detection and Response system is a highly effective event correlation component that is designed to detect advanced threats or ongoing attacks.

For more information regarding this feature refer to Endpoint Detection and Response (EDR).

Security for Storage

Security for Storage provides instantaneous protection for prominent network-storage and file-sharing systems. Automated system and threat-detection algorithm upgrades are seamlessly implemented, requiring no user intervention or causing any end-user disruptions.

The GravityZone Security Servers Multi-Platform can operate as ICAP servers, delivering antimalware services to Network-Attached Storage (NAS) devices and file-sharing systems that adhere to the Internet Content Adaptation Protocol (ICAP) standards outlined in RFC 3507. Multiple servers can be utilized to fulfill this role.

For more information regarding this feature refer to Security for Storage.

GravityZone Security for Containers

The GravityZone Security for Containers is a specialized Docker container that operates on an underlying Ubuntu 20.04 base image and leverages the official Debian package of BEST Linux.

The application operates as a container with elevated privileges on either a Kubernetes node or a container host.

This solution augments the security layers of the host operating system by offering server workload Endpoint Detection and Response, Advanced Anti-Exploit, and Antimalware scanning services to both the host operating system and the running containers.

Email Security

Email Security is a robust solution offering businesses a wide range of features. It effectively safeguards against various types of threats, such as impersonation attacks, Business Email Compromise (BEC), CEO fraud, phishing, ransomware, and many others.

Email Security includes a powerful policy engine, connection rules, email authentication, user synchronisation, antispam, antimalware, quarantine management, safe and deny lists, executive tracking lists, disclaimer functionality, detailed reports and charts, scheduled reports, SecureMail for added protection, and AD connect for seamless integration and synchronisation with Active Directory groups. Additionally, it offers comprehensive insight into the flow of mail, including any rules that have been triggered and the corresponding actions that have been executed.

For more information regarding this feature refer to Email Security.

Mobile Security

Mobile Security is a mobile security solution able to protect mobile devices using Android, Chrome OS, or iOS operating systems against multiple threat vectors.

It is designed to protect an employee’s corporate-owned or BYOD from advanced persistent threats without sacrificing privacy or personal data.

For more information regarding this feature refer to Security for Mobile.

Endpoint Risk Analytics

Endpoint Risk Analytics identifies, assesses, and remediates Windows endpoints weaknesses via security risk scans, taking into account a vast number of indicators of risk.

The Risk Management dashboard, accessible from the main menu, provides an overview of your network risk status after scanning for indicators of risk.

By aligning with industry best practices, Endpoint Risk Analytics aims to reduce the vulnerability of your endpoints to potential attacks.

For more information regarding this feature refer to Endpoint Risk Analytics.