Welcome to GravityZone

Bitdefender employs advanced cybersecurity measures such as security content scanning and heuristic analysis (B-HAVE, ATC) to safeguard against a wide range of malicious software.

The scanning technique involves comparing scanned material with an up-to-date security database, however, there exists a vulnerability period between the emergence of new threats and the release of fixes.

Bitdefender's cybersecurity tool, B-HAVE, identifies potential malware by analyzing behavioral patterns and executing suspicious files in a secure virtual environment to evaluate their effects on the system.

For more information regarding this feature refer to Antimalware.

To safeguard against cybersecurity threats that manage to evade the heuristic engine, an additional level of security is implemented through Advanced Threat Control.

Advanced Threat Control constantly observes active processes and evaluates suspicious actions such as: disguising the process type, performing code execution in the memory space of another process (seizing process memory for privilege escalation), reproducing, depositing files, evading detection from process enumeration applications, etc.

For more information regarding this feature refer to Advanced Threat Control.

HyperDetect is a cybersecurity feature that provides an extra layer of protection against sophisticated cyberattacks and potentially harmful actions during the pre-execution phase.

HyperDetect, utilizes advanced machine learning models and stealth attack detection technology to safeguard against various cyber threats, including zero-day attacks, advanced persistent threats (APT), obfuscated malware, fileless attacks, credential stealing, targeted attacks, custom malware, script-based attacks, exploits, hacking tools, suspicious network traffic, potentially unwanted applications (PUA), and ransomware.

For more information regarding this feature refer to HyperDetect.

Advanced Anti-Exploit, powered by machine learning, is a proactive technology that prevents zero-day attacks executed through evasive exploits. TheAdvanced Anti-Exploit technology detects and prevents the newest cyber-attacks in real-time, while also addressing memory corruption vulnerabilities that may bypass other security measures.

It safeguards frequently utilized applications, including browsers, Microsoft Office, and Adobe Reader, among others, along with any additional ones that come to mind. It monitors system processes and safeguards against cybersecurity threats such as unauthorized access and process hijacking.

For more information regarding this feature refer to Advanced Anti-Exploit.

The Firewall regulates the network and Internet access of applications. The system grants automatic access to a comprehensive database of verified and authorized applications. In addition, the firewall has the capability to safeguard the system from port scanning activities, limit ICS functionality, and provide notifications when novel nodes are added to a Wi-Fi network.

For more information regarding this feature refer to Firewall.

The Network Attack Defense module is powered by Bitdefender technology that specializes in identifying network attacks that are intended to infiltrate endpoints through various techniques, including brute-force attacks, network exploits, password stealers, drive-by-download infection vectors, bots, and Trojans.

For more information regarding this feature refer to Network Attack Defense.Network Attack Defense

The Patch Management feature, seamlessly incorporated within GravityZone, ensures that both the operating systems and software applications are always up-to-date. It also offers a comprehensive overview of the patch status for all your managed Windows and Linux endpoints.

The Patch Management module includes several features, including on-demand and scheduled patch scanning, automatic and manual patching, and missing patch reporting.

For more information regarding this feature refer to Patch Management.

The Content Control module helps enforce company policies for allowed traffic, web access, data protection and applications control.

Administrators can define traffic scan options and exclusions, schedule web access while blocking or allowing certain web categories or URLs, configure data protection rules and define permissions for the use of specific applications.

For more information regarding this feature refer to Content Control.Content Control

The Device Control module effectively mitigates the risk of sensitive data leakage and malware infections that may result from external devices connected to endpoints.

This is achieved through the application of blocking rules and exceptions via policy, which covers a wide range of device types including but not limited to USB flash drives, Bluetooth devices, CD/DVD players, and storage devices.

For more information regarding this feature refer to Device Control.

With the implementation of this protective layer, you can enable comprehensive disk encryption on endpoints. This is achieved through the efficient management of BitLocker on Windows, and FileVault and diskutil on macOS.

GravityZone enables users to effortlessly encrypt and decrypt both boot and non-boot volumes with minimal intervention.

The entire process is seamlessly handled by the software, ensuring a hassle-free experience. GravityZone also retains the requisite recovery keys for unlocking volumes in the event of user forgetting their passwords.

For more information regarding this feature refer to Full Disk Encryption.

Security for Exchange offers a comprehensive suite of security features, including antimalware, antispam, antiphishing, attachment and content filtering.

These features are fully integrated with Microsoft Exchange Server, resulting in a secure messaging and collaboration environment that enhances productivity.

The cutting-edge antimalware and antispam technologies provide top-notch protection for Exchange users and effectively safeguard against the most advanced malware whilst preventing unauthorized access to sensitive user data.

For more information regarding this feature refer to Security for Exchange.

The Sandbox Analyzer offers robust protection against sophisticated hazards through its automated and thorough evaluation of dubious files that lack Bitdefender antimalware engine signatures.

Utilizing a comprehensive suite of Bitdefender technologies, the sandbox effectively executes payloads within a secure virtual environment provided by Bitdefender. This process enables the analysis of behavioral patterns and detection of any system alterations that may indicate malicious intent.

The Sandbox Analyzer feature facilitates the automatic submission of potentially malicious files that are present on managed endpoints, but remain concealed from antimalware services that rely on signature-based detection methods. The submission process is initiated by specialized heuristics that are integrated into the Antimalware on-access module of Bitdefender Endpoint Security Tools.

For more information regarding this feature refer to Sandbox Analyzer.

Endpoint Detection and Response, Endpoint Detection and Response is a cybersecurity solution that provides real-time monitoring and response capabilities to detect and prevent cyber threats on endpoints such as laptops, desktops, servers, and mobile devices.

The Endpoint Detection and Response system is a highly effective event correlation component that is designed to detect advanced threats or ongoing attacks.

For more information regarding this feature refer to Endpoint Detection and Response (EDR).

Security for Storage provides instantaneous protection for prominent network-storage and file-sharing systems. Automated system and threat-detection algorithm upgrades are seamlessly implemented, requiring no user intervention or causing any end-user disruptions.

The GravityZone Security Servers Multi-Platform can operate as ICAP servers, delivering antimalware services to Network-Attached Storage (NAS) devices and file-sharing systems that adhere to the Internet Content Adaptation Protocol (ICAP) standards outlined in RFC 3507. Multiple servers can be utilized to fulfill this role.

For more information regarding this feature refer to Security for Storage.

The GravityZone Security for Containers is a specialized Docker container that operates on an underlying Ubuntu 20.04 base image and leverages the official Debian package of BEST Linux.

The application operates as a container with elevated privileges on either a Kubernetes node or a container host.

This solution augments the security layers of the host operating system by offering server workload Endpoint Detection and Response, Advanced Anti-Exploit, and Antimalware scanning services to both the host operating system and the running containers.

Endpoint Risk Analytics identifies, assesses, and remediates Windows endpoints weaknesses via security risk scans, taking into account a vast number of indicators of risk.

The Risk Management dashboard, accessible from the main menu, provides an overview of your network risk status after scanning for indicators of risk.

By aligning with industry best practices, Endpoint Risk Analytics aims to reduce the vulnerability of your endpoints to potential attacks.

For more information regarding this feature refer to Endpoint Risk Analytics.