Bitdefender, a global cybersecurity player, has announced new endpoint defence capabilities for its GravityZone MSP platform. New features are designed to help managed service provider organisations to offer enhanced endpoint protection and detection services by identifying and stopping network-based and fileless attacks, exploits and malicious behaviours before they reach endpoint resources. Incident response for security operations is now simplified, offering better guidance to streamline processes.
Backed by the power of the firm’s threat intelligence, the new capabilities of GravityZone enable managed service providers to detect attacks earlier in the kill chain, increasing protection of their customers. For instance, with the recent BlueKeep-related outbreaks, Bitdefender solutions with this update are able to block the attacks prior to exploit, before ransomware or other payloads can be dropped onto the system.
The company also announced GravityZone Email Security, which offers advanced protection against the rapidly growing incidence of business email compromise and executive impersonation attacks.
Alina Draganescu, Senior Director, Security for MSP and SMB at Bitdefender, said, “With GravityZone’s proven integrated technologies and capability to identify suspicious activities across endpoints, servers and email, in the early stages of attack attempts, Managed Service Providers can provide high accuracy and efficient protection, while automating and streamlining incident response. In addition, they can now offer more value-added services and boost revenues by managing cloud email security for their small and medium business partners.”
Bitdefender GravityZone Email Security addresses evolving business email compromise (BEC) attacks and associated cybercrime losses. GravityZone Email Security leverages a multi-stage threat prevention model which blocks highly redirected threats with more than 10,000 algorithms and world-class reputation engines. Accommodating virtually any deployment scenario, it features a unique multi-engine platform for highly accurate message categorisation and threat protection.
The firm extends its lead in prevention with several new technologies, including the ability to block password stealers and brute force attacks, keeping personally identifiable information secure.
Network Attack Defence blocks several network stream-based attacks before they can execute by correlating multiple attack vectors, then using machine learning to analyse trends and block sophisticated attacks before they can access system resources.
Anomaly Defence baselines system resources to spotlight unusual behaviour based on MITRE threat techniques and Bitdefender’s own research. Unlike solutions that use cloud-based machine learning techniques, Bitdefender GravityZone monitors services on the host, in their local environment, to reduce noise and false positives.
Fileless Attack Defence adds additional capabilities to block attacks from any command interpreter, such as PowerShell, before they can execute.
By embedding the knowledge and intelligence of elite security experts into GravityZone, Bitdefender makes endpoint detection and response easy for service provider IT staff. This enables them to address threats faster, harden systems and reduce the attack surface of enterprise networks. New key features include:
Simplified Incident Visualisation: Provides an efficient and simplified view of any threat, no matter how complex. By highlighting the critical path for a particular threat, analysts can quickly discern how attacks are working and then immediately apply that to client-wide remediation.
Guided Incident Investigations: Provides an easy-to-use “how-to” guideline that spells out recommended remediation steps to enable accurate and complete triage without the need for additional staff.
New GravityZone capabilities are available in Bitdefender MSP products. Email Security will be available as an optional MSP product with multi-tenancy and monthly licensing integrated with the Bitdefender MSP endpoint security console for centralised user management, licensing and provisioning.