What’s New in GravityZone August 2025 (v 6.65)

Grzegorz Nocoń

August 21, 2025


Bitdefender rolled out new functionality in Bitdefender GravityZone, a comprehensive cybersecurity platform that provides prevention, protection, detection, and response capabilities for organizations of all sizes. These features, updated in August 2025, align with our multi-layered security strategy and ease the workload of security analysts, administrators, and users.  

What’s new for Security Analysts

In a dynamic cybersecurity landscape, security analysts are responsible for uncovering any signs of potential sophisticated attacks to make the invisible visible. This section describes new functionality designed to elevate the capabilities of analysts, offering enhanced tools for threat detection, investigation, and response.  

Enhanced Incident Management Across EDR & XDR 

Bitdefender Live Search is an addition to EDR and XDR tools, enhancing threat hunting and active incident response capabilities. It empowers your organization to proactively combat threats and swiftly respond to incidents across all major endpoint platforms, including Windows, Linux, and macOS. 

With the latest release, you can pivot from the EDR and XDR incident graph directly into Live Search with a predefined query tailored to the incident context. For EDR processes, you can click on Related processes in Live Search to search for all associated processes. Similarly, for network nodes, the Related connections in Live Search option will search for all network connections initiated by the affected endpoint. For XDR endpoint and server nodes, you can view "Related processes" and "Related connections" directly within Live Search. 


Want to master threat hunting and incident response with EDR & XDR? Register for our exclusive masterclasses to learn more here.

Google Cloud Platform Sensor Enhancement 

Google Cloud Platform Sensor monitors activity, indicating potential security compromises in Google Cloud resources, and detects security incidents at any stage of the attack lifecycle. It not only identifies suspicious activity but also gives you the possibility to take immediate action via the GravityZone console.  

With the latest update, you can now reset the password for compromised or suspicious Google Workspace accounts directly from the user node in the XDR incident Graph. Simply click the "Reset Google Account Password" option under the Actions menu. 

Container Image Scanner 

Container images are self-contained, executable packages that include everything needed to run software, such as the code, runtime, libraries, and system tools. 

With this update, the Bitdefender Container Image Scanner is now available in the Integration Hub, offering a powerful new layer of security for your containerized applications. This tool allows you to scan container images directly from local tarball archives in CI/CD pipelines or from container registries, integrating seamlessly into your organizational workflow. 

Leveraging the Bitdefender Container Security Tools command-line interface (bcst-cli), the scanner performs checks directly during build and test stages. This helps identify vulnerabilities early in development, before images are fully built or pushed. For images already in registries, it provides continuous monitoring to detect new vulnerabilities as they emerge.  

The scanner supports major registries, including AWS ECR, Azure Container Registry, and Google Artifact Registry. For registry scans, all results are sent to GravityZone and displayed centrally in the Risk Management section. For tarball scans, detailed reports can be generated in JSON, Markdown, or SARIF formats, providing flexible output for further analysis. For more information about Container Image Scanner configuration, please visit the Bitdefender Support Center here. 
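A CI job can turn the SARIF report from a tarball scan into a pass/fail decision. The following is an added example, not Bitdefender code: it assumes the report follows the SARIF 2.1.0 standard, and the sample report, rule IDs and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample in SARIF 2.1.0 shape; not output from bcst-cli.
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "EXAMPLE-0001", "defaultConfiguration": {"level": "error"}},
        {"id": "EXAMPLE-0002", "defaultConfiguration": {"level": "note"}}]}},
    "results": [
        {"ruleId": "EXAMPLE-0001", "message": {"text": "constructed finding A"}},
        {"ruleId": "EXAMPLE-0002", "message": {"text": "constructed finding B"}},
        {"ruleId": "EXAMPLE-0003", "level": "warning",
         "message": {"text": "constructed finding C"}}],
}]})

LEVEL_RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}


def summarize(sarif_text):
    """Count findings per SARIF level across all runs; reject reports without runs."""
    doc = json.loads(sarif_text)
    runs = doc.get("runs") if isinstance(doc, dict) else None
    if not isinstance(runs, list) or not runs:
        raise ValueError("report has no runs; treat as a failed scan, not a clean one")
    counts = Counter()
    for run in runs:
        rules = run.get("tool", {}).get("driver", {}).get("rules") or []
        defaults = {r["id"]: r.get("defaultConfiguration", {}).get("level")
                    for r in rules if "id" in r}
        for result in run.get("results") or []:
            # SARIF 2.1.0: explicit level, else the rule's default, else "warning".
            level = result.get("level") or defaults.get(result.get("ruleId")) or "warning"
            # Unrecognised levels are counted as "error" so the gate fails closed.
            counts[level if level in LEVEL_RANK else "error"] += 1
    return counts


def gate(sarif_text, fail_at="error"):
    """Return (passed, counts); passed is False when any finding is at or above fail_at."""
    counts = summarize(sarif_text)
    blocking = sum(n for lvl, n in counts.items() if LEVEL_RANK[lvl] >= LEVEL_RANK[fail_at])
    return blocking == 0, counts


if __name__ == "__main__":
    passed, counts = gate(SAMPLE_SARIF)
    print(dict(counts), "PASS" if passed else "FAIL")
    raise SystemExit(0 if passed else 1)
```

Run as a script, it exits non-zero when the gate fails, so the pipeline step stops the build; an empty or truncated report raises instead of passing.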

For comprehensive insights into container security and risk management, we invite you to register for our upcoming masterclasses here.  

macOS Support for Endpoint Risk Management 

Endpoint Risk Management allows you to identify misconfigurations, including issues with local and group policies, computer configuration settings, and application vulnerabilities, while Identity Risk allows you to track end users' activity that could potentially compromise your organization’s security. 

With this release, macOS endpoints are now supported alongside existing Windows and Linux operating systems, providing comprehensive visibility across your diverse IT environment. All identified risks are consolidated and displayed in the dedicated Risk Management dashboard for easy review and remediation planning. 

New PHASR Dashboard and Control Insights 

PHASR proactively hardens your systems by analyzing user behavior to prevent "Living off the Land" attacks and targeted threats. It utilizes anomaly detection to enable tailored, application-level action blocking, to rapidly reduce your attack surface without disrupting operations. 

With the latest release, PHASR dashboard widgets display remaining learning time and percentage based on the shortest rule learning period for each category.  

Additionally, all the widgets for monitored categories include a 'Restricted behavioral profiles' section, providing insight into enforced actions for Autopilot and Direct Control mode. 

Bitdefender MDR Enhancements 

Bitdefender's Managed Detection and Response (MDR) services provide 24/7 continuous threat monitoring and expert-driven incident response, essentially acting as your outsourced security department. MDR significantly augments your existing security capabilities by offering specialized expertise, around-the-clock coverage, and access to advanced threat intelligence. 

Customers can now activate MDR or MDR Plus licenses in GravityZone by providing an MDR contact after license validation. This MDR contact information will be entered into the Emergency Contact section of the MDR Portal, and the MDR Customer Success Team will reach out to this contact in the event of a security incident. 

Partners can also assign MDR or MDR Plus licenses during customer company creation or modification, enabling them to enroll in the MDR service and gain access to their customer's MDR Portal instances. However, an emergency contact must be configured for this. This contact can be a verified MDR Partner contact from the customer's hierarchy, an existing GravityZone user, or custom contact info verified via email. All companies in the hierarchy must share management permissions with their partners for the MDR service to work.  

For self-serve multi-tenant configurations, annual partners will now be able to enroll into the MDR Portal by providing MDR contact information in GravityZone. The partner will then be able to log into the MDR Portal and view a summary dashboard of their customers, and then drill into the data for each customer as necessary.  

MDR now supports hybrid partners—that is, partners with both monthly and annual customers. Hybrid partners will be able to see both types of customers from a single console in the MDR Portal. Customers will inherit Emergency Contacts from the partners above them. The partner emergency contacts and customer emergency contacts can be ordered as desired.  

With the release of the single sign-on (SSO) for MDR Portal, user credentials for both customers and partners are managed within the GravityZone console. User role management for MDR continues to occur within the MDR Portal. 

A dedicated MDR service page has been added to GravityZone Control Center. It displays MDR enrollment status, entitlement period, and service model for customers and provides partners with a unified view of the service status of all their customers. It includes an "Open console" button that provides direct access to the MDR portal. 

Additionally, a new MDR Security Telemetry exclusion page is available in Control Center. It displays the exclusion rules configured by Bitdefender MDR and applied to the security events selected in the endpoint policy under Agent > Security Telemetry. 

Learn more about Bitdefender MDR and see how it can benefit your organization by registering for our masterclasses here. 

What’s new for Administrators 

With administrators constantly juggling numerous tasks and responsibilities, tools designed to make their daily tasks easier are highly appreciated. This section describes new functionality designed to facilitate the management of features responsible for prevention, protection, and detection in a defense-in-depth security architecture. 

New Potentially Unwanted Applications (PUA) Actions 

Potentially Unwanted Applications (PUAs) are programs that may not be malicious in intent but often consume system resources, display aggressive ads, collect your data without consent and even perform secondary downloads that might include malware. They often arrive bundled with legitimate software, negatively impacting your system's performance and security.  

With the latest release, Bitdefender GravityZone Control Center introduces enhanced control over Potentially Unwanted Applications (PUA). Now, you can define specific actions for PUA detection. This configuration flexibility applies not only to direct malware scans available in the Network section but also within the comprehensive Policies configuration for both On-access and On-demand scans. These new actions include: 

  • Report only 
  • Remediate 
  • Move to quarantine 

API Enhancements  

Bitdefender Control Center APIs enable developers to automate business workflows. These APIs are exposed via the JSON-RPC 2.0 protocol. You can find usage examples and documentation in our Support Center, located here.    

With the latest release, the API calls are updated to support the following functionalities.  

PHASR API  

  • getMonitoredRules – displays all monitored rules across behavioral categories for a specific company
  • getMonitoredRuleData – provides detailed information about specific PHASR rules and the applied behavioral profiles for each of them
  • editMonitoredRulesAccess – allows or restricts access for behavioral profiles based on the recommendation generated by a specific rule

MDR API 

You can add the mdrContactInformation object in createCompany, updateCompanyDetails, setLicenseKey, and addProductKey. The mdrContactInformation object will be returned for getCompanyDetails, getCompanyDetailsByUser, and getNetworkInventoryItems. These updates enable the automation of new MDR and MDR Plus licenses through APIs.

Policies API 

  • setPolicyModuleState – you can enable or disable settings for a specific Policy 

Incident response actions API 

  • createResponseAction has two new values for actionType: 
    8 – Disable a Google user
    9 – Reset credentials for a Google user  

Summary 

Bitdefender GravityZone platform stands out from the crowd, offering a one-stop solution for all your organization's security needs. As the digital landscape evolves, Bitdefender remains proactive, providing prevention, protection, detection, and response capabilities, ensuring the ongoing safety of organizations of all sizes worldwide.  

To learn more about the Bitdefender GravityZone platform, contact us or a Bitdefender partner for more information. You can also start a free trial by requesting a demo here.


Author


Grzegorz Nocoń

Grzegorz Nocoń is a graduate of the Faculty of Physics at the University of Silesia. With over 16 years of experience in the IT industry, he currently works as a Technical Marketing Engineer at Bitdefender. He is a strong supporter of a holistic approach to security and is passionate about solving security problems in a comprehensive and integrated way. Outside of work, he is an avid CrossFit enthusiast and a lover of fantasy literature.
