Initial release notes
Release date: 2025.10.30
We are excited to announce the launch of Security Data Lake, a new Bitdefender solution designed to centralize, enrich, and analyze security and operational log data from across your infrastructure, all within a unified interface.
We are concurrently launching Security Data Lake for MDR, which includes full access to the product and adds MDR detections and response for selected data logs.
Accessible directly from GravityZone, Security Data Lake is available as a standalone console with its own dedicated page, similar to Email Security and Mobile Security. Access is simplified through Bitdefender’s single sign-on (SSO) system, allowing administrators to seamlessly switch between consoles using a single, secure authentication.
What it does
Security Data Lake enables organizations to collect, process, and analyze logs from multiple sources (endpoints, servers, network devices, and cloud services) in real time. The platform provides full visibility into your environment by consolidating telemetry data, detecting security-relevant events, and streamlining compliance and audit processes.
Security Data Lake integrates closely with Bitdefender GravityZone, extending its visibility beyond endpoint and network telemetry to include third-party systems and infrastructure. By leveraging streams, pipelines, and data routing, Security Data Lake automatically classifies, enriches, and routes log data to the appropriate storage destinations for search, visualization, and long-term analysis.
Security Data Lake for MDR enhances Bitdefender MDR by providing Security Operations Center (SOC) analysts with access to third-party telemetry data collected through Security Data Lake. This integration enables deeper investigations and strengthens threat detection and response capabilities.
Features
Log Collection - Logs are collected through lightweight agents (sidecars) that manage local collectors such as Filebeat or NXLog, and securely transmitted to the platform via forwarders over encrypted channels.
Data Processing - Messages are filtered and enriched using rules and pipelines, allowing administrators to normalize data and extract actionable insights.
Storage and Retention - Processed data can be stored in searchable Index Sets for immediate analysis or in data lakes for long-term archival and compliance needs.
Visualization and Search - Security Data Lake provides intuitive dashboards, search capabilities, and correlation features to simplify threat investigation and operational monitoring.
Triage and Investigations (MDR) - Data from selected third-party security tools is continuously monitored and integrated into the MDR incident response workflow for real-time triage and investigation.
Response (MDR) - The Security Operations Center (SOC) operates 24/7 to provide recommendations and response actions to contain and mitigate identified threats.
Key benefits
Centralized visibility across your entire environment
Seamless integration with GravityZone and existing Bitdefender modules
Scalable log ingestion and data processing architecture
Secure, compliant storage with TLS-encrypted communication
Flexible data retention for analytics, forensics, and compliance use cases
(MDR) 24/7 MDR analyst-led monitoring, investigations and response
Licensing
The product is available as an add-on under two new products:
GravityZone Security Data Lake
GravityZone Security Data Lake for MDR