Bitdefender
GravityZone Ultra

The ultimate solution for protecting your endpoints: advanced prevention, extended detection, effective response and risk analytics.

Unified Prevention, eXtended Detection, Response and Risk Analytics for Every Organization

GravityZone Ultra combines the world’s most effective Protection with eXtended Endpoint Detection and Response (XEDR) capabilities to help you defend your endpoint infrastructure (workstations, servers or containers) throughout the threat lifecycle, with high efficacy and efficiency.
New cross-endpoint event correlation takes threat detection and visibility to a new level by combining the granularity and rich security context of EDR with the infrastructure-wide analytics of XDR (eXtended Detection and Response).

Adaptive security and most advanced machine learning techniques

By incorporating Risk Analytics (for endpoint and user generated risks) and hardening innovations natively, we minimize the endpoint attack surface, making it more difficult for attackers to penetrate.
With GravityZone Ultra, you will compress the time it takes to detect and respond to threats via an integrated security stack, while also reducing the need for multiple vendor solutions.

World’s Most Effective Endpoint Protection

Unifying EDR, Risk Analytics and Hardening technologies in a single agent and a single console, GravityZone leverages 30 layers of advanced techniques to successfully stop breaches throughout the entire threat lifecycle, from first contact through exploit, persistence and malicious activity.

eXtended Endpoint Detection and Response (XEDR)

The new Endpoint Detection and Response capability from Bitdefender extends EDR analytics and event correlation capabilities beyond the boundaries of a single endpoint, to help you deal more effectively with complex cyber attacks involving multiple endpoints. XEDR uniquely provides you with threat visualizations at the organizational level so you can focus investigations and respond more effectively.

Endpoint and Human Risk-Analytics driven Hardening

Bitdefender’s risk analytics engine enables you to continuously assess, prioritize and harden endpoint security misconfigurations and settings with an easy-to-understand prioritized list. It also identifies user actions and behaviors that pose a security risk to your organization.
By simplifying and automating security operations and continually reducing the attack surface, you will achieve the highest levels of protection with the lowest cost of ownership.

Features and benefits

eXtended Endpoint Detection and Response (XEDR)

This cross-endpoint correlation technology, known as eXtended EDR, takes threat detection and visibility to a new level by applying XDR capabilities for detecting advanced attacks across multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various OS).

Integrated Human and Endpoint Risk Analytics

Continuously analyze risk using hundreds of factors to uncover and prioritize configuration risks to all your endpoints, enabling automatic hardening actions. It identifies user actions and behaviors that pose a security risk to the organization such as using unencrypted web pages for logging into websites, poor password management, usage of compromised USBs, recurrent infections etc.

Layered Defense

Signature-less technologies, including advanced local and cloud machine learning, behavior analysis technologies, integrated sandbox and device hardening work as a highly effective layered protection against sophisticated threats.

Low Overhead Incident Investigation and Response

Fast alert triage and incident investigation, using attack timeline and sandbox output, enable incident response teams to react fast and stop ongoing attacks (one-click to respond).

Modern, Next-gen Prevention and Detection with Automatic Remediation

World’s best prevention stack and on-execution behavior-based detection capabilities prevent and stop advanced threats from being executed on enterprise infrastructure. Once an active threat is detected, automatic response kicks in to block further damage or lateral movement.

Advanced prevention capabilities

With advanced prevention capabilities such as PowerShell Defense, Exploit Defense and Anomaly Detection, GravityZone Ultra blocks modern-day attacks earlier in the attack chain, at pre-execution, bullet-proofing your organization's security posture. EDR enhancements such as Anomaly Detection help mitigate attackers who know how to subvert your system, detecting and blocking anomalous behavior based on its probability of maliciousness.

Network Attack Defense

Bitdefender Network Attack Defense is a new endpoint network security layer designed to detect and prevent attack attempts that make use of network vulnerabilities. It blocks several network-stream-based attacks such as Brute Force, Password Stealers or Lateral Movement before they can even execute. Network Attack Defense also generates EDR incidents and is an important source of information for EDR incident correlation.

Cross-platform Coverage and 3rd Party Integration APIs

It covers all enterprise endpoints, running Windows, Linux or Mac, in physical, virtualized or cloud infrastructures, delivering consistent security across the entire infrastructure. It supports integration with pre-existing security operations tools (including Splunk) and is optimized for datacenter technologies, including all major hypervisors.

GravityZone Endpoint Risk Analysis

Enterprise-wide Risk Dashboard

Assess prioritized misconfigurations, applications and user-prone vulnerabilities across your organization’s endpoint estate.

Get a risk snapshot for servers and end-user devices and review the endpoints and users exposed the most.

Zero in on misconfigurations, vulnerable applications, user behavior risks, individual devices and users and fix misconfigurations or patch vulnerabilities.

EDR workflow and visualization

  • Advanced detection and response shows precisely how a potential threat works and its context in your environment.
  • MITRE attack techniques and indicators of compromise provide up-to-the-minute insight into named threats and other malware that may be involved.
  • Easy to understand visual guides highlight critical attack paths, easing burdens on IT staff.
  • Integrated response recommendations indicate steps to remediate or reduce the attack surface.

Bitdefender layered next generation endpoint protection platform

Uses adaptive-layered architecture that includes endpoint controls, prevention, detection, remediation and visibility.

RISK ANALYTICS AND HARDENING

  • Endpoint Risk Analytics
  • Patch Management
  • Full-Disk Encryption
  • Device Control
  • Web-Threat Protection
  • Application Control

PREVENTION

  • Exploit Defense
  • Automated Sandbox Analysis
  • Fileless Attack Defense
  • Network Attack Defense
  • Local And Cloud Machine Learning
  • Automatic Disinfection & Removal
  • Tunable Machine Learning
  • Email Security
  • Firewall

DETECTION AND RESPONSE

  • Threat And Anomaly Analytics And Visualization
  • Remote Command Shell
  • Quarantine
  • Anomaly Detection
  • Network Threat Analytics NTSA*
  • Local & Cloud ML
  • MITRE Event Tagging
  • Root Cause Analysis
  • Incident Detection And Investigation
  • Manual Sandbox Investigation

REPORTING AND INTEGRATION

  • Dashboards & Reports
  • Notifications
  • SIEM Integration
  • API Support
  • Managed EDR*
  • MDR*

The Best Endpoint Security in the World

We’re not bragging – just quoting what independent tests say

First place results, AV-Comparatives, 2018 – June 2019

TESTS BY AV COMPARATIVES:

  • Real-world protection
  • Malware protection
  • Performance

Top 3 finishes in 2018 through June 2019

Bitdefender’s advanced endpoint technology is integrated into suites designed with you in mind.

GravityZone Suite

Advanced Business Security

Fully Automated, no touch security for any enterprise

Elite Security

For security-centric enterprises looking to automate protection while analyzing critical threats

Ultra Security

The ultimate in advanced protection, detection and response, designed to address the entire threat lifecycle

  • Integrated Endpoint Detection and Response
  • Root Cause Analysis (with 90 day historical support)
  • Remote Response Action (remote shell and quarantine)
  • MITRE Technique Tagging
  • Suspicious Activity Alerting
  • Cloud-based Sandbox Threat Analysis
  • HyperDetect User-Tunable Machine Learning
  • On device machine learning based on 80,000 malware features
  • Active Exploit Memory Protection
  • Malicious Process Behavior Blocking
  • Management Console: Cloud or On premise (Advanced Business Security), Cloud or On premise (Elite Security), Cloud (Ultra Security)

Over 30 protection layers included in all suites: Advanced Threat Cleanup, Centralized Protection for Virtual Environments, Device Control, Web Threat Protection, Firewall, Exchange Malware Protection, Application Whitelisting (on premise only), Application Blacklisting, Mobile Device Management (on premise only).

Additional options:

  • Full disk encryption
  • Patch management
  • Managed Endpoint Detection and Response
  • Hypervisor security

Resources

STOP FILELESS ATTACKS AT PRE-EXECUTION

Threat actors are shifting to fileless attacks. Experts would tell you that these attacks cannot be prevented by endpoint security solutions. At Bitdefender, we challenge ourselve…

PROTECT YOUR ENTERPRISE AGAINST THE FULL SPECTRUM OF SOPHISTICATED CYBER THREATS WITH SPEED AND ACCURACY

Additional Protection Layers and Services

1. GRAVITYZONE EMAIL SECURITY

The ultimate multilayered protection for your entire organization from known, unknown and emerging email threats. Stop large-scale phishing, targeted attacks, CEO fraud and malware in their tracks. It is available as an add-on to GravityZone Advanced Business Security.

2. FULL DISK ENCRYPTION

GravityZone FDE protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault). It takes advantage of the native device encryption to ensure full compatibility and maximized performance. GZ FDE is integrated into the GravityZone Console and Agent, with no additional agent to deploy or key management server to install. The use of existing endpoint security infrastructure to manage Full Disk Encryption enables fully centralized deployment with minimal administrative effort.

3. PATCH MANAGEMENT

Unpatched systems leave organizations susceptible to malware incidents, outbreaks, and data breaches. Keep your OS and Applications up to date across the entire Windows install base – workstations, physical servers and virtual servers with GravityZone Patch Management.

SPECIFICATIONS / SYSTEM REQUIREMENTS

GravityZone Ultra is available with the cloud console. It protects desktops, laptops, servers (physical and virtual) and mailboxes. Servers should account for less than 35% of all units.

SUPPORTED OPERATING SYSTEMS

Windows Desktop
Windows 10 October 2020 Update (20H2), Windows 10 May 2020 Update (20H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2019 Update (19H1), Windows 10 October 2018 Update (Redstone 5), Windows 10 April 2018 Update (Redstone 4), Windows 10 Fall Creators Update (Redstone 3), Windows 10 Creators Update (Redstone 2), Windows 10 Anniversary Update (Redstone 1), Windows 10 November Update (Threshold 2), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7

macOS

macOS Big Sur (11.x), macOS Catalina (10.15), macOS Mojave (10.14), macOS High Sierra (10.13), macOS Sierra (10.12)

Windows Tablet and Embedded

Windows 10 IoT Enterprise, Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7

Windows Server

Windows Server 2019 Core, Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2

Linux

Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher

GRAVITYZONE ENDPOINT SECURITY HD
  • Exchange Server 2016, 2013, 2010
  • Physical and virtual servers
  • Roles: Edge, Hub and Mailbox
  • Protocols: SMTP, MAPI, Exchange ActiveSync

ENDPOINT SECURITY XDR (that includes HyperDetect and Sandbox Analyzer modules) is available on:

Windows Desktop
Windows 10 October 2018 Update (version 1809), Windows 10 April 2018 Update (version 1803), Windows 10 Fall Creators Update (version 1709), Windows 10 Creators Update (version 1703), Windows 10 Anniversary Update (version 1607), Windows 10 November Update (version 1511), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7

Windows Tablet and Embedded

Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7

Windows Server

Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2

Linux

Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher
Note 1: Specific kernel versions are supported. For details, please refer to the product documentation.
Note 2: Sandbox Analyzer module is not available on Linux endpoints.

ENDPOINT HARDWARE REQUIREMENTS

Minimum: 2.4 GHz single-core CPU
Recommended: 1.86 GHz or faster Intel Xeon multi-core CPU

Memory:
Minimum free RAM: 512 MB
Recommended free RAM: 1 GB
HDD space: 1.5 GB of free hard-disk space
