Bitdefender GravityZone (on-Premises)

Version: Bitdefender GravityZone (on-prem) v6.5 to 7.0

Bitdefender GravityZone is the new Bitdefender enterprise security solution for medium to large organizations. GravityZone leverages Bitdefender’s acclaimed anti-malware technologies and provides a centralized security management platform for physical, virtualized, and mobile endpoints.

Bitdefender GravityZone can be configured to forward its logs via syslog. It sends logs for user activities, website activities, application activities, license activities, data backup activities, firewall activities, and malware activities. With these events, Netsurion Open XDR generates detailed reports for user logon activities, firewall activities, application activities, malware details, etc. Its graphical representation shows top malware file names, malicious websites by device name, failed user logins, malware detected by IP, malware detected by device name, top policy names, action taken on malware, etc. It generates alerts whenever a user login fails, malware has been detected, an application has been blocked, etc.

  • Security – Suspicious application activities and port scan activities.

Once Bitdefender GravityZone is configured to deliver its events to Netsurion Open XDR, alerts, dashboards, and reports can be configured in Netsurion Open XDR.

The following are the key Data Source Integrations available in Netsurion Open XDR.

Alerts

| Type | Name | Description |
|------|------|-------------|
| Security | Bitdefender GravityZone – Application suspicious activities have been detected | This alert is generated whenever an application launches malicious activity. |
| Security | Bitdefender GravityZone – Port scan has been blocked | This alert is generated whenever a port scan has been detected on the network. |

Reports

| Type | Name | Description |
|------|------|-------------|
| Security | Bitdefender GravityZone – Application activities | This report gives information about the blocked application and its attributes. It contains fields such as destination IP, source IP, exploit type, exploit path, process ID, process path, and status. |
| Security | Bitdefender GravityZone – Portscan blocked | This report gives information about the networks that have been scanned. It contains fields such as source IP, destination IP, hostname, protocol, and status. |

Documentation

The configuration details are consistent with Netsurion Open XDR 9.2x and later, and Bitdefender GravityZone (on-prem).

Download the Integration Guide and How-to Guide for configuration instructions and more information.