The collaboration between Microsoft and Bitdefender resulted in an integration of their security solutions: GravityZone Ultra Security and Microsoft Windows Defender ATP. This integration enables Windows Defender ATP users to detect and respond to advanced cyber-attacks on Mac and Linux endpoints, right from Microsoft Windows Security Center.

GravityZone integrates with Microsoft Windows Defender ATP through its public APIs, based on a unique API key for each company. This article aims to explain this integration process.

• Prerequisites
• Obtain the API key
• Integrate the solutions
• Test the integration

Prerequisites

• An account with administrative access to Microsoft Windows Defender Security Center.
• Access to GravityZone Control Center.
• A GravityZone user account with the Manage Company right.

Obtain the API key

To integrate GravityZone with Microsoft Windows Defender ATP you need an API key. To obtain the key, follow these steps:

1. Log in to GravityZone Control Center.
2. Click the user menu at the upper-right corner of the console and select My Account.

   

3. Create a new GravityZone API Key:
   1. In the API section, click Add.

      

   2. In the configuration window, select all check boxes.
      
   3. Click Save.
      You can notice the new key in the API keys table.
4. Copy the key:
   1. In the keys table, click the newly-created key to open the configuration window.

      

   2. Select the string in the Key field.
   3. Copy the string to Clipboard (Ctrl+C).
   4. Click Cancel to close the window.

Integrate the solutions

1. Open the Onboarding page in another tab of your browser.
2. Paste the key from Clipboard in the API Key field (Ctrl+V).

   

3. Click Submit to continue.
4. In the new page, follow the on-screen message saying Click here to start the authorization process.

   

   The link redirects you to the Microsoft authentication page.

5. Log in with your Microsoft account.
6. Read the request for permissions.

   

7. Click Accept to complete the process.

Activation can last up to 10 minutes. Once integrated, you can view the security events from GravityZone in Microsoft Windows Defender Security Center.

Important: Adding a Microsoft integration from the Integrations page is obsolete.

Test the integration

To check if the integration between GravityZone and Windows Defender Security Center was successful:

1. Install Bitdefender Endpoint Security Tools on a Mac or Linux endpoint. For details about the installation, refer to the GravityZone Installation Guide.
2. Download an EICAR test file to the protected endpoint.
   Both solutions will confirm the detection, as follows:
   • The malware detection event appears in Windows Defender Security Center.

     

   • A notification pop-up appears on the protected endpoint.

     

   • An event in the security agent’s history/timeline.

     

   • An entry in GravityZone Malware Activity report.