Directly contact our Support Team

Integrating GravityZone Cloud with Microsoft Windows Defender Security Center

The collaboration between Microsoft and Bitdefender resulted in the integration of Bitdefender GravityZone Cloud with Microsoft Windows Defender Security Center, which enables you to detect, view, investigate, and respond to advanced cyber-attacks and data breaches on macOS and Linux-based endpoints within the Windows Defender Security Center management console.

This integration is possible by using an access token, which is unique for each customer company.

This article aims to provide complete information about binding the two platforms together, including how to generate the token, create and edit the integration.

Prerequisites

  • A valid account for Microsoft Windows Defender Security Center.

Generating the Access Token

  1. Go to Windows Defender Security Center and sign in.
  2. In the left-pane menu, click Settings and go to Machine management > Onboarding.

    Windows Defender Security Center menu

  3. On the top of the page, select the operating system: Mac and Linux.

    Non-Windows endpoint management window

  4. Under Onboard a non-windows machine, click Turn on Bitdefender. This action activates the integration with the Bitdefender solution.

    Generate token button

  5. Copy the automatically generated access token. You will need this token to create the integration on the Bitdefender platform, as described hereinafter.

    Generate token button

Creating the integration

You can create the integration between GravityZone and Microsoft Windows Defender Security Center using one of the two available methods:

  1. From GravityZone Control Center
    1. Log in to GravityZone Control Center using your company administrator credentials.
    2. Click the user menu at the upper-right corner of the console and select Integrations.

      Token field

    3. Click the Add button and choose Add Microsoft Windows Defender ATP Integration. A configuration window will appear.
    4. Enter the token obtained as described in the Generating the Access Token section.
    5. Click Save. The integration will be created and added in the Integrations page.
       
    note Note: The integration is configured only once for the same company, and it is visible for all its company administrator user accounts.


    If you need to update the integration token, just click the Microsoft Windows Defender ATP entry in the Integrations page and repeat the above-mentioned steps.
     

  2. From a dedicated Bitdefender webpage
    1. Go to the Bitdefender GravityZone page dedicated to this integration.
    2. Log in using your GravityZone account or, if you do not have one, sign up for a trial. After completing the form, you will be redirected to a new page.
    3. Paste the token in the field where asked to provide it, as in the following image.

      Token field

    4. Click Submit. A confirmation message will inform you that the integration has been created.
       

Now the two platforms are integrated and you will be able to view GravityZone events in Microsoft Windows Defender Security Center.

Testing the Integration

To check if the integration between GravityZone and Windows Defender Security Center was successful:

  1. Install Bitdefender Endpoint Security Tools on a Mac or Linux endpoint. For details regarding the installation, refer to the GravityZone Installation Guide.
  2. Download an EICAR test file from here to the protected endpoint.
    The detection will be confirmed in both platforms, as follows:
    • A notification pop-up on your endpoint.

      Notification pop-up

    • Event in the security agent’s history/timeline.

      History window

    • Entry in GravityZone antimalware reports.

      Antimalware report

    • Malware detection event in Windows Defender Security Center.

      Detection in Microsoft console

Deleting the integration

You can delete the Microsoft Windows Defender ATP integration as follows:

  1. In GravityZone Control Center, go to the Integrations page available from the menu in the upper-right corner of the console.
  2. Select the Microsoft Windows Defender ATP integration.
  3. Click the Delete button at the upper side of table. You will need to confirm the deletion in the new window that shows up. All data related to this integration will be removed from the GravityZone database and the integration will be inactivated for your company.
Can't find a solution for your problem? Open an email ticket and we will answer the question or concern in the shortest time possible.

Rate this article:

Submit