New Capabilities in Bitdefender GravityZone Stop Attacks Earlier in the Kill Chain, Simplify Incident Response and Extend Protection to Email-based Threats
Bitdefender, a global cybersecurity leader protecting over 500 million systems across 150 countries, announced new endpoint defense capabilities for GravityZone, the company’s unified endpoint prevention, detection and response platform designed to help enterprises stop threats earlier in the attack chain, as well as simplify and speed up incident response. With the new release, Bitdefender GravityZone extends its lead in endpoint prevention by identifying and stopping network-based and fileless attacks, exploits and malicious behaviors before they reach endpoint resources. New Endpoint Detection and Response (EDR) enhancements simplify the visualization of complex threats and use embedded intelligence to speed administrator responsiveness. Bitdefender also announces GravityZone Email Security, which, as an extension of the GravityZone Endpoint Security solutions, provides advanced protection against the rapidly growing incidence of business email compromise and executive impersonation attacks.
Bitdefender’s industry-leading global sensor footprint provides keen insights into attacks across all geographies and types of users. Backed by the power of Bitdefender’s threat intelligence, the new capabilities in this release enable GravityZone to detect attacks earlier in the kill chain. For instance, with the recent BlueKeep-related outbreaks, Bitdefender solutions with this update are able to block the attacks prior to exploit, before ransomware or other payloads can be dropped onto the system, with no signature-based intervention. In fact, during the month of October alone, Bitdefender telemetry recorded more than 113 million brute-force and password-stealing attacks attempting to take down defenses and access user credentials – more than any other type of attack, against over 6700 organizations worldwide.
“Security teams responsible for endpoint protection are challenged by both the growing volume and sophistication of attacks, ranging from brute force attacks to information stealers to executive impersonation phishing,” said Harish Agastya, Senior Vice President, Enterprise Solutions. “New technologies such as Network Attack Defense, Anomaly Defense and integrated Email Security improve GravityZone’s ability to automatically stop attacks earlier in the kill chain, avoiding breaches and protecting user credentials. In addition, the streamlined visualization and guided incident response checklists enable GravityZone users to respond to attacks on the endpoint with speed, accuracy and efficiency.”
Faster incident response with greater accuracy for the security analyst
Ponemon Institute states that only 46 percent of traditional EDR features are actively used* due to high complexity and a lack of the deep security knowledge they require. Unlike hard-to-use EDR technologies that are too complex for most organizations, Bitdefender leads the market in “Low Overhead EDR”, making EDR easily accessible by embedding the knowledge and intelligence of elite security experts into GravityZone. This enables less security-savvy or over-stretched IT staff to address threats, harden systems and reduce the attack surface of enterprise networks. This new release delivers:
- Simplified Incident Visualization provides an efficient and simplified view of any threat, no matter how complex. By highlighting the critical path for a particular threat, users can quickly discern how attacks are working and then immediately apply that to company-wide remediation.
- Guided Incident Investigations provide an easy-to-use “how-to” guideline that spells out recommended remediation steps to enable accurate and complete triage without the need for additional staff.
Added privacy protection and threat blocking
Bitdefender extends its lead in prevention with several new technologies, including the ability to block password stealers and brute force attacks, keeping personally identifiable information secure.
- Network Attack Defense blocks several network stream-based attacks before they can execute by correlating multiple attack vectors, then using machine learning to analyze trends and block sophisticated attacks before they can access system resources.
- Anomaly Defense baselines system resources to spotlight unusual behavior based on MITRE threat techniques and Bitdefender’s own research. Unlike solutions that use cloud-based machine learning techniques, Bitdefender GravityZone monitors services on the host, in their local environment, to reduce noise and false positives.
- Fileless Attack Defense adds capabilities to block attacks from any command interpreter, such as PowerShell, before they can execute.
Protects Business Email
Bitdefender Email Security addresses evolving business email compromise (BEC) attacks and associated cybercrime losses. GravityZone Email Security leverages a multi-stage threat prevention model that blocks highly redirected threats with more than 10,000 algorithms and world-class reputation engines. Accommodating virtually any deployment scenario, it features a unique multi-engine platform for highly accurate message categorization and threat protection.