Bitdefender
GravityZone Business Security Enterprise
The ultimate solution for protecting your endpoints: advanced prevention, extended detection, effective response and risk analytics.
Unified Prevention, eXtended Detection, Response and Risk Analytics for Every Organization
GravityZone Business Security Enterprise (formerly known as GravityZone Ultra) combines the world’s most effective protection with eXtended Endpoint Detection and Response (XEDR) capabilities to help you defend your endpoint infrastructure (workstations, servers or containers) throughout the threat lifecycle, with high efficacy and efficiency.
New cross-endpoint event correlation takes threat detection and visibility to a new level by combining the granularity and rich security context of EDR with the infrastructure-wide analytics of XDR (eXtended Detection and Response).

By incorporating Risk Analytics (for endpoint and user-generated risks) and hardening innovations natively, we minimize the endpoint attack surface, making it more difficult for attackers to penetrate.
With GravityZone Business Security Enterprise, you will compress the time it takes to detect and respond to threats via an integrated security stack, while also reducing the need for multiple vendor solutions.

World’s Most Effective Endpoint Protection
Unifying EDR, Risk Analytics and Hardening technologies in a single agent and a single console, GravityZone leverages 30 layers of advanced techniques to successfully stop breaches throughout the entire threat lifecycle, from first contact through exploit, persistence and malicious activity.

eXtended Endpoint Detection and Response (XEDR)
The new Endpoint Detection and Response capability from Bitdefender extends EDR analytics and event correlation capabilities beyond the boundaries of a single endpoint, to help you deal more effectively with complex cyber attacks involving multiple endpoints. XEDR uniquely provides you with threat visualizations at the organizational level so you can focus investigations and respond more effectively.

Endpoint and Human Risk-Analytics driven Hardening
Bitdefender’s risk analytics engine enables you to continuously assess, prioritize and harden endpoint security misconfigurations and settings with an easy-to-understand prioritized list. It also identifies user actions and behaviors that pose a security risk to your organization.
By simplifying and automating security operations and continually reducing the attack surface, you will achieve the highest levels of protection with the lowest cost of ownership.
Features and benefits
eXtended Endpoint Detection and Response (XEDR)
This cross-endpoint correlation technology, known as eXtended EDR, takes threat detection and visibility to a new level by applying XDR capabilities for detecting advanced attacks across multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various OS).
Integrated Human and Endpoint Risk Analytics
Continuously analyze risk using hundreds of factors to uncover and prioritize configuration risks to all your endpoints, enabling automatic hardening actions. It identifies user actions and behaviors that pose a security risk to the organization such as using unencrypted web pages for logging into websites, poor password management, usage of compromised USBs, recurrent infections etc.
Layered Defense
Signature-less technologies, including advanced local and cloud machine learning, behavior analysis technologies, integrated sandbox and device hardening work as a highly effective layered protection against sophisticated threats.
Low Overhead Incident Investigation and Response
Fast alert triage and incident investigation, using attack timeline and sandbox output, enable incident response teams to react fast and stop ongoing attacks (one-click to respond).
Modern, Next-gen Prevention and Detection with Automatic Remediation
World’s best prevention stack and on-execution behavior-based detection capabilities prevent and stop advanced threats from being executed on enterprise infrastructure. Once an active threat is detected, automatic response kicks in to block further damage or lateral movement.
Advanced prevention capabilities
With advanced prevention capabilities such as PowerShell Defense, Exploit Defense and Anomaly Detection, GravityZone Business Security Enterprise blocks modern-day attacks earlier in the attack chain, at pre-execution, bullet-proofing your organization's security posture. EDR enhancements such as Anomaly Detection help mitigate attackers that know how to subvert your system, and detect and block anomalous behavior based on probability of maliciousness.
Network Attack Defense
Bitdefender Network Attack Defense is a new endpoint network security layer designed to detect and prevent attack attempts that make use of network vulnerabilities. It blocks several network-stream-based attacks such as Brute Force, Password Stealers or Lateral Movement before they can even execute. Network Attack Defense also generates EDR incidents and is an important source of information for EDR incident correlation.
Cross-platform Coverage and 3rd Party Integration APIs
It covers all enterprise endpoints, running Windows, Linux or Mac, in physical, virtualized or cloud infrastructures, delivering consistent security across the entire infrastructure. It supports integration with pre-existing security operations tools (including Splunk) and is optimized for datacenter technologies including all major hypervisors.
GravityZone Endpoint Risk Analysis

Enterprise-wide Risk Dashboard

Assess prioritized misconfigurations, applications and user-prone vulnerabilities across your organization’s endpoint estate.


Get a risk snapshot for servers and end-user devices and review the endpoints and users exposed the most.


Zero in on misconfigurations, vulnerable applications, user behavior risks, individual devices and users and fix misconfigurations or patch vulnerabilities.
EDR workflow and visualization
- Advanced detection and response shows precisely how a potential threat works and its context in your environment.
- MITRE attack techniques and indicators of compromise provide up-to-the-minute insight into named threats and other malware that may be involved.
- Easy to understand visual guides highlight critical attack paths, easing burdens on IT staff.
- Integrated response recommendations indicate steps to remediate or reduce the attack surface.
Bitdefender layered next generation endpoint protection platform
Uses adaptive-layered architecture that includes endpoint controls, prevention, detection, remediation and visibility.
RISK ANALYTICS AND HARDENING
- Endpoint Risk Analytics
- Patch Management
- Full-Disk Encryption
- Device Control
- Web-Threat Protection
- Application Control
PREVENTION
- Exploit Defense
- Automated Sandbox Analysis
- Fileless Attack Defense
- Network Attack Defense
- Local And Cloud Machine Learning
- Automatic Disinfection & Removal
- Tunable Machine Learning
- Email Security
- Firewall
DETECTION AND RESPONSE
- Threat And Anomaly Analytics And Visualization
- Remote Command Shell
- Anomaly Detection
- Network Threat Analytics NTSA*
- Mitre Event Tagging
- Root Cause Analysis
- Incident Detection And Investigation
- Manual Sandbox Investigation
REPORTING AND INTEGRATION
- Dashboards & Reports
- Notifications
- SIEM Integration
- API Support
- Managed EDR*
- MDR*
The Best Endpoint Security in the World
We’re not bragging – just quoting what independent tests say
First place results: AV-Comparatives, 2018 – June 2019
TESTS BY AV COMPARATIVES:
- Real-world protection
- Malware protection
- Performance
Top 3 finishes in 2018 through June 2019

Bitdefender’s advanced endpoint technology is integrated into suites designed with you in mind.
GravityZone Suite | Advanced Business Security: Fully Automated, no touch security for any enterprise | Business Security Premium: For security-centric enterprises | Business Security Enterprise: The ultimate in advanced protection, |
---|---|---|---|
Integrated Endpoint Detection and Response | ![]() |
||
Root Cause Analysis (with 90 day historical support) |
![]() |
||
Remote Response Action (remote shell and quarantine) |
![]() |
||
MITRE Technique Tagging | ![]() |
||
Suspicious Activity Alerting | ![]() |
||
Cloud-based Sandbox Threat Analysis |
![]() |
![]() |
|
HyperDetect User-Tunable Machine Learning |
![]() |
![]() |
|
On device machine learning based on 80,000 malware features |
![]() |
![]() |
![]() |
Active Exploit Memory Protection | ![]() |
![]() |
![]() |
Malicious Process Behavior Blocking |
![]() |
![]() |
![]() |
Management Console | Cloud or On premise | Cloud or On premise | Cloud |
Over 30 protection layers included in all suites: Advanced Threat Cleanup, Centralized Protection for Virtual Environments, Device Control, Web Threat Protection, Firewall, Exchange Malware Protection, Application Whitelisting (on premise only), Application Blacklisting, Mobile Device Management (on premise only).
Additional options:
- Full disk encryption
- Patch management
- Managed Endpoint Detection and Response
- Hypervisor security
Resources

STOP FILELESS ATTACKS AT PRE-EXECUTION
Threat actors are shifting to fileless attacks. Experts would tell you that these attacks cannot be prevented by endpoint security solutions. At Bitdefender, we challenge ourselve…

PROTECT YOUR ENTERPRISE AGAINST THE FULL SPECTRUM OF SOPHISTICATED CYBER THREATS WITH SPEED AND ACCURACY
Additional Protection Layers and Services
1. GRAVITYZONE EMAIL SECURITY
The ultimate multilayered protection for your entire organization from known, unknown and emerging email threats. Stop large-scale phishing, targeted attacks, CEO fraud and malware in their tracks. It is available as an add-on to GravityZone Advanced Business Security.
2. FULL DISK ENCRYPTION
GravityZone FDE protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault). It takes advantage of the native device encryption to ensure full compatibility and maximized performance. GZ FDE is integrated into the GravityZone Console and Agent, with no additional agent to deploy or key management server to install. The use of existing endpoint security infrastructure to manage Full Disk Encryption enables fully centralized deployment with minimal administrative effort.
3. PATCH MANAGEMENT
Unpatched systems leave organizations susceptible to malware incidents, outbreaks, and data breaches. Keep your OS and Applications up to date across the entire Windows install base – workstations, physical servers and virtual servers with GravityZone Patch Management.
SPECIFICATIONS / SYSTEM REQUIREMENTS
GravityZone Business Security Enterprise is available with the cloud console. It protects desktops, laptops, servers (physical and virtual) and mailboxes. Servers should account for less than 35% of all units.
SUPPORTED OPERATING SYSTEMS
Windows Desktop
Windows 10 October 2020 Update (20H2), Windows 10 May 2020 Update (20H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2019 Update (19H1), Windows 10 October 2018 Update (Redstone 5), Windows 10 April 2018 Update (Redstone 4), Windows 10 Fall Creators Update (Redstone 3), Windows 10 Creators Update (Redstone 2), Windows 10 Anniversary Update (Redstone 1), Windows 10 November Update (Threshold 2), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7
macOS
macOS Big Sur (11.x), macOS Catalina (10.15), macOS Mojave (10.14), macOS High Sierra (10.13), macOS Sierra (10.12)
Windows Tablet and Embedded
Windows 10 IoT Enterprise, Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7
Windows Server
Windows Server 2019 Core, Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2
Linux
Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher
GRAVITYZONE ENDPOINT SECURITY HD
- Exchange Server 2016, 2013, 2010
- Physical and virtual servers
- Roles: Edge, Hub and Mailbox
- Protocols: SMTP, MAPI, Exchange ActiveSync
ENDPOINT SECURITY XDR
Endpoint Security XDR (which includes the HyperDetect and Sandbox Analyzer modules) is available on:
Windows Desktop
Windows 10 October 2018 Update (version 1809), Windows 10 April 2018 Update (version 1803), Windows 10 Fall Creators Update (version 1709), Windows 10 Creators Update (version 1703), Windows 10 Anniversary Update (version 1607), Windows 10 November Update (version 1511), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7
Windows Tablet and Embedded
Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7
Windows Server
Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2
Linux
Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher
Note 1: Specific kernel versions are supported. For details, please refer to the product documentation.
Note 2: Sandbox Analyzer module is not available on Linux endpoints.
ENDPOINT HARDWARE REQUIREMENTS
Minimum: 2.4 GHz single-core CPU
Recommended: 1.86 GHz or faster Intel Xeon multi-core CPU
Memory:
Minimum free RAM: 512 MB
Recommended free RAM: 1 GB
HDD space: 1.5 GB of free hard-disk space