inaccurate reporting of vulnerability

ogentles
ogentles CISO
edited December 2023 in Enterprise Security

The Risk Management and Security Risk within Bitdefender Gravity Zone has inaccurate information and is not in sync with or is neither corresponding with my other vulnerability tools. When we apply fixes automatically and/or manually the report does not reflect the changes and leads to confusion when reporting to higher-ups. Because of this, we are unable to attest to the efforts of the IT Team and we are losing faith and confidence in using the product. We have other vendors like Sentinel One and CrowdStrike calling us saying that they are 10 times better in this area, but we want to do our due diligence and see if Bitdefender can help us before we make wholesale changes to our security stack.


Can this issue be resolved?

Comments

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    Since you need help with business product, @Andrei_S Enterprise (who provides support for business products) could take a look here and help you with the issue.

    Also, you can always contact the Bitdefender business support:

    Regards.

  • Andrei_S Enterprise
    Andrei_S Enterprise Business Support Manager BD Staff

    Hello @ogentles ,

    I am sorry to hear that you are facing some difficulties with our product, however more details are required to be able to provide a solution. I was not able to find an open case on this subject so I will reach out internally and have one of our engineers contact you or someone from your organization, in order to understand better the scenario and troubleshoot the issue if needed.

    Kind Regards,

  • We have been speaking to Bitdefender about this and it is mentioned to us that there is a known issue with what we are experiencing concerning the vulnerability/risk management within the gravity zone console and reporting. When we fix/remedy the risk gaps or vulnerabilities, whether automatic or manual, the reporting information does not change. it still stays the same.

  • Hi Andrei,


    On June 25, 2023, I got the following email from Bitdefender support:

    --------------------------------------------------------------------------------------------------------------------------------------------------------------

    "Hello all,

    The matter is still under analysis and we will reply as soon as we have more details on the subject.

    Thank you for understanding and have a lovely day! 

    Best regards,

    Andrei TEGLET

    Enterprise Support Engineer"

    --------------------------------------------------------------------------------------------------------------------------------------------------------------

    Several other communications that did not lead to a resolution.

    regards,

    Omar

  • Andrei_S Enterprise
    Andrei_S Enterprise Business Support Manager BD Staff

    Hello @ogentles

    We created a case on December 19 and reached out to you via email but never received your reply so again the case closed automatically.

    Below is the email:

    Kind Regards,

  • Hi Andrei,

    It is hard to provide screenshots on this platform that can expose my network information to other members of the community. Is there a secure way that I can share information with Bitdefender to show evidence of the reporting issues we are having with the GravityZone console?


    please advise,


    Omar,

  • Andrei_S Enterprise
    Andrei_S Enterprise Business Support Manager BD Staff

    Hello @ogentles ,

    The screenshot from earlier is from the support case 00825129 that was opened by us and we reached out to you via de email address that you have on this account. You can search on inbox using the the case ID 00825129.

    Another option is to create a new ticket via the webform: https://www.bitdefender.com/support/contact-us.html?last_page=BusinessCategory

    I suggest you also provide a phone number in the "Message" field so we can easily reach out to you.

    You can attach any information there that would help the investigation which is only visible to us and your organization. The community space is no appropriate for sharing environment configs, as you mentioned, the recommended way is to open support cases and attach the relevant information there.

    Kind Regards

  • Hi Andrei,

    This is not a place where I want to share my or my company's information.

    Please provide an email address so that I can share the request safely.

    regards

  • Andrei_S Enterprise
    Andrei_S Enterprise Business Support Manager BD Staff
  • Hi Andrei,

    I have reopened the ticket, the ID number is 00828878

    I hope to resolve the issue this time.