For HomeFor BusinessFor Partners
SMB Security Enterprise Security Endpoint Protection & Management Endpoint Detection and Response
13 min read

What’s New in GravityZone July 2025 (v 6.64)

Grzegorz Nocoń
Grzegorz Nocoń

July 09, 2025

What’s New in GravityZone July 2025 (v 6.64)

In early July 2025, Bitdefender introduced new functionality in v 6.64 of Bitdefender GravityZone, a comprehensive cybersecurity platform that offers prevention, protection, detection, and response capabilities for organizations of all sizes. These features, consistent with our multi-layered security strategy, are intended to ease the workload of security analysts, administrators, and users.  

What’s new for Security Analysts

In a dynamic cybersecurity landscape, security analysts are responsible for uncovering any signs of potentially sophisticated attacks to make the invisible visible. This section describes new functionality designed to elevate the capabilities of analysts, offering enhanced tools for threat detection, investigation, and response.  

External Attack Surface Management (EASM)

The external attack surface refers to the internet-exposed entry points and potential vulnerabilities that an organization presents, encompassing web applications, network infrastructure, cloud services, and more. 

GravityZone External Attack Surface Management (EASM) is now generally available. EASM empowers your security team to continuously discover and analyze internet-facing assets, their services, and potential vulnerabilities. 

EASM scans a wide range of asset types, including IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. Its core functionality provides comprehensive asset discovery from these scans, detecting publicly exposed IP addresses, expiring or expired certificates, vulnerable public services, and open ports, ensuring that no asset is overlooked. 

EASM Dashboard 


The EASM Dashboard offers a visual representation through clearly defined sections and easily customizable widgets. The EASM Assets section provides a comprehensive list of discovered external assets that constitute your attack surface. The EASM Artifacts section dives deeper into the specific components and indicators discovered in relation to your assets. This provides important information about problems, vulnerabilities, and misconfigurations, offering crucial context and detail about your external posture. 

Beyond comprehensive visibility, EASM data is designed to be highly actionable, enabling your security team to swiftly move from discovery to remediation and risk reduction. 

For detailed information about the EASM solution, read Introducing External Attack Surface Management (EASM). 

Enhanced Incident and Alert Analysis 

With this release, security analysts gain enhanced control over reported incidents, streamlining their incident management workflows. The Incidents section in GravityZone features a menu on top of the incidents grid, offering two additional incident management options. The 'Assign' button can be used to assign multiple incidents to the same user at the same time. When clicked, you'll see a list of users and be able to search for specific users. When a user is selected, you can choose whether to apply the change to all correlated incidents and leave a note. The 'Prioritize' button allows you to assign priorities for multiple incidents. 

The Incidents section in GravityZone 


Additionally, you can export the selected incident into PDF format. This report includes all the information that's included in Incident Advisor. 

Incident Advisor in GravityZone


The Graph section in the Incidents view has been enhanced by an actionable Activity Panel that includes a search option for alerts in the selected grouping. The Activity Panel will contain the following grouping options: 

  • By timeline: Grouped by the day they were generated
  • By MITRE technique: Grouped by the kill chain phase in which they were generated
  • By severity: Grouped by the severity they have (high, medium, low)
  • By sensor: Grouped by the sensor that detected them
  • By incident ID: Grouped by the incident in which they were discovered
  • By node: Grouped by the node on which they were discovered
  • By alert name: Groups multiple alerts with the same name under a single entry

Activity Panel in the Graph section of the Incident Advisor

What’s New for Administrators 

With administrators constantly juggling numerous tasks and responsibilities, tools designed to make their daily tasks easier are highly appreciated. This section describes new functionality designed to facilitate the management of features responsible for prevention, protection, and detection in a defense-in-depth security architecture. 

vCenter Integration for GravityZone Cloud

Cloud and virtualization offer resource optimization, server consolidation, scalability, and cost savings. VMware vCenter is a centralized management platform that allows you to control and monitor multiple ESXi hosts and their associated virtual machines from a single interface. 

With the latest release, you can integrate GravityZone Cloud Console with vCenter version 6.7 and above. The integration is available on the left side of the main menu, within the new Integrations hub section. You can find instructions on how to initiate the configuration in the GravityZone Support Center, here. 

vCenter integration in the Integration Hub of GravityZone 


This integration allows for: 

  • Seamless agent deployment: You can install the BEST agent when the BEST with Relay role is installed in the network.
  • Comprehensive security management: You can manage both Security Virtual Appliances (SVA) and BEST agents, enabling you to perform scans, risk/patch assessments, install patches, isolate endpoints, and more.
  • Automated inventory synchronization: Gather your inventory directly from vCenter via API integration, encompassing Folders, Datacenters, Compute Resources, Cluster Compute Resources, Host Systems, Resource Pools, Virtual Apps, and Virtual Machines, all grouped hierarchically. This imports your vCenter inventory structure as is (from either the Hosts & Clusters or VMs and Templates views). Please note that you cannot delete or move vCenter-imported items within GravityZone. 

Network Protection for Email Traffic Scan Enhancements 

Bitdefender Network Protection is our deep packet inspection solution, providing comprehensive protection against network-based threats. It leverages threat intelligence, content scanning, and network detection capabilities to detect and identify malicious or suspicious activity. More information about Network Protection can be found here.   

With the latest release, the email traffic scan functionality for POP3 and SMTP has been enhanced to include two additional protocols: IMAP and MAPI. To scan incoming and outgoing MAPI traffic, you must first activate encrypted MAPI interception in the General section. For POP3, SMTP, and IMAP, infected emails are replaced by notifications to the recipients, while MAPI traffic is only monitored and reported.

Network protection in the Policy configuration of GravityZone


Also new with the latest release, the General section within Network Protection now includes additional interception for encrypted traffic such as IMAPS, MAPI, POP3S, and SMTPS. 

Network protection in the Policy configuration of GravityZone 

New Integrations Hub 

The new Integrations Hub page provides tools to manage integrations. Active integrations are those already configured, and you can filter them based on several criteria, such as company, status (action required, pending, active, and so on), and type. The Integrations Catalog section provides a list of integration types compatible with GravityZone. This includes both integrations that can be configured through the Integrations Hub and those that require manual configuration. These integrations include: 

  • VMware vCenter: Automatically imports and synchronizes virtual machines from VMware vCenter into the GravityZone console's Network section.
  • Veeam Backup & Replication: Before restoring the machine, the BEST can perform a complete scan for threats. If the machine is clean, Veeam Backup & Replication restores it. If BEST detects a threat, Veeam Backup & Replication can either abort the restore process or restore the machine or its disks with specific restrictions.
  • Microsoft Active Directory: Imports inventories from on-premises Active Directory to the GravityZone console's Network section.
  • VMware Tanzu: Automatic deployment of BEST by BOSH at the time of VM instantiation.
  • Microsoft Exchange (on-premises): BEST integrates through transport agents to filter email traffic for malware, spam, and custom attachment and content detection rules.
  • SecurityCoach (KnowBe4): Allows GravityZone to send event data to SecurityCoach. 

Integration hub in GravityZone


It's essential to note that the Integrations Catalog currently does not encompass all available integration types for GravityZone. We will notify you about the Integrations Hub in the upcoming months. 

Network Section Enhancements 

The Network section provides functionalities for managing all entities available in your network. Entities are defined as physical computers, virtual machines, security servers, containers, and folders available in your network. 

With the latest release, the right-click menu released last month was enhanced by a search bar, allowing you to quickly find and execute actions within categorized sections. 

We also have enhancements for MSP partners. When more than 1,000 entities are present in a single mode, GravityZone will show 100 entities by default, and a 'Load more' button will bring an additional 100 entities to the list. We've also added auto-scroll functionality to the tree view, which brings the target node into view when performing actions such as pivoting or 'Go to location'. Additionally, the Entity type filter is now automatically populated with predefined values (physical machines, virtual machines, containers, and golden images) whenever a filter relevant only to those entities is configured. 

Threats Xplorer Section Enhancements 

Threats Xplorer centralizes detection events from multiple GravityZone technologies related to detected threats in your network, classifying them by category, threat type, remediation actions, and more. 

The Isolate action in Threats Xplorer now includes a confirmation dialog to ensure you take the desired action. Additionally, the side panel displays the isolation status of the selected device. 

API Enhancements 

Bitdefender Control Center APIs enable developers to automate business workflows. These APIs are exposed via the JSON-RPC 2.0 protocol. You can find usage examples and documentation in our Support Center, located here.   

With the latest release, the API calls have been updated to support two new functionalities, including the Integrations hub and EASM. All new API calls along with a detailed description, can be found here. 

Summary

The Bitdefender GravityZone platform is a standout offering a one-stop solution for all your organization's security needs. As the digital landscape evolves, Bitdefender remains proactive, providing prevention, protection, detection, and response capabilities to ensure the ongoing safety of organizations of all sizes worldwide.  

To learn more about the Bitdefender GravityZone platform, contact us or a Bitdefender partner for more information. You can also start a free trial by requesting a demo here. 

tags

SMB Security Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

Author

Grzegorz Nocoń

Grzegorz Nocoń

Grzegorz Nocon is a graduate of the Faculty of Physics at the University of Silesia. With over 16 years of experience in the IT industry, he currently works as a Technical Marketing Engineer at Bitdefender. A strong supporter of a holistic approach to security and passionate about solving security problems in a comprehensive and integrated way. Outside of work, an avid CrossFit enthusiast and a lover of fantasy literature.

View all posts

Right now Top posts

Why Alert Volume Matters: Cutting Through the Noise
Endpoint Protection & Management

Why Alert Volume Matters: Cutting Through the Noise

February 27, 2025

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Meow, Meow Leaks, and the Chaos of Ransomware Attribution
Enterprise Security Ransomware Threat Research Threat Intelligence

Meow, Meow Leaks, and the Chaos of Ransomware Attribution

September 29, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Bitdefender Threat Debrief | July 2025
Ransomware Bitdefender Threat Debrief Threat Intelligence

Bitdefender Threat Debrief | July 2025
Jade Brown
Jade Brown

July 11, 2025

What’s New in GravityZone July 2025 (v 6.64)
SMB Security Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

What’s New in GravityZone July 2025 (v 6.64)
Grzegorz Nocoń
Grzegorz Nocoń

July 09, 2025

Introducing External Attack Surface Management (EASM)
SMB Security Enterprise Security Managed Detection and Response

Introducing External Attack Surface Management (EASM)
Grzegorz Nocoń
Grzegorz Nocoń

July 01, 2025

Bookmarks

loader