-
Gravity Zone Software Execution Policy Bypass
Hi guys, all right? During the last week, I've been testing some features of GravityZone and one of them was the program execution blocking policy. From what I verified, we can block the execution of a software both by the absolute path and by the Hash (MD5/SHA). I used an EDR test file without changes and it was blocked;…
-
How GravityZone Event Push Service Connector Works
Hi Expert, Currently I use GravityZone Event Push Service Connector to get the event from GravityZone to my Syslog Server. I follow the instruction from this link documentation: https://www.bitdefender.com/business/support/en/77209-144080-build-an-event-push-service-api-connector-for-cef-standard.html and the service…
-
Activate GravityZone on Mobile Device
I'm new to MDM. And fairly clueless. I used jamf to push GravityZone to my iPhone. Now, I'm getting the message "The device is unlinked and it needs to be activated." What is the procedure for that task? What is the correct server address, and where is the token obtained? Where do those values come from? Thanks in advance…
-
GZ "There is no connection with the host security service. Please restart your system."
Something is going on with GZ beginning last week. We have 200 hosts across 15 separate client sites running GravityZone, and between 11/18 and today three production servers (each at a different site) have come up with the same issue - Cloud console reports "update disabled"; antimalware and power user modules are OFF;…
-
Some GravityZone Endpoints do not update automatically / fail to update
Hello all, We have an issue with some of our endpoints that don't update automatically. The vast majority of the endpoints update regularly, but some have to be pushed manually and even with that, some keep failing to do product and security content updates. Some of the problematic computers are on Windows 10 and some on…
-
How To Block Chrome Extensions With BD GravityZone Web Console?
Hello. I want to block Chrome extensions on users' computers, like VPN, IDM and torrents, from the Bitdefender GravityZone Web Console. Please guide me on how I can do that. Thanks.
-
Antimalware Status Shows Both "On" And Red Exclamation Saying "Off". Which Is True?
Mousing over the exclamation says "Antimalware is not enabled". But the green text says "On". How do I address this?
-
GravityZone: Need Clear Requirements For Updating Patches In Air Gap Environment. Any Help?
Hello Team, Greetings! We have an air-gap environment, where the servers do not have access to internet directly. So we have setup a relay server which talks to internet and gets all the patches and we have redirected the servers (no internet access) which needs patches to relay servers for updates. However, looks like the…
-
Bitdefender Detected a Threat and Blocked Explorer
The details are below. A full scan came back clean and the user doesn't report anything out of the ordinary. I checked security logs nothing suspicious and confirmed the device is fully patched. I believe this is a false positive but would like to know more about how the "User Login" is affected in this instance. Event…
-
Can I Apply A Local Computer Policy To Client By Bitdefender GravityZone?
I want to apply policy to client, such as: set 10 mins to lock screen. Can Bitdefender GravityZone do that? I do not have AD so can not use GPO. All clients connect direct to Bitdefender GravityZone via internet.
-
How to silence alerts from Nessus Scans
Hello everyone, I was hoping someone could point me in the right direction for this issue. GravityZone is detecting scans from Nessus (Network scan) as malicious and blocking the connections as intended. However, I was hoping to find a way to silence the alerts while maintaining the block action. Is this possible? Thank you…
-
Merge Power User antimalware exclusions with cloud policy
I want my IT staff to have access to Power User so that they could exclude custom paths from antimalware scan. Problem is when I add custom exclusions via Power User everything is being overwritten if any change is made in cloud policy. Is there a way to keep Power User custom exclusions and merge them with cloud policy…
-
Risk Management suddenly accusing Print Spooler Service Exploitable
Hello! We have Bitdefender running on our company network, and all of a sudden on GravityZone some of our computers are being listed as having the Print Spooler Service Exploitable vulnerability (CVE-2021-34527, "print nightmare"). However, all endpoints are updated with the latest Microsoft updates. I also checked other…
-
Cyber Essentials Certification Questions
Hi there, I am looking at obtaining the Cyber essentials certification. And I just want to know if there is documentation on what Bitdefender could do to help me achieve this, currently I am using Bit Defender Gravity Zone and have Bit Defender Endpoint Security. Is this a FWaaS or an SASE, where we could control what…
-
GravityZone Push Event Data Mappings
Hi all -- I have a question about a couple of the push events from GravityZone where the event contained some identifier, but no mapping is available according to the push event documentation found at https://www.bitdefender.com/business/support/en/77209-135325-push-event-json-rpc-messages.html Firewall module (module: fw)…
-
Push Event Requirements
Hi all -- I stood up an HTTP endpoint listening over SSL with basic authentication in an attempt to receive push events from GravityZone. Following the documentation, I enabled Push Events to the endpoint (enabling all event types for testing and all companies), and when sending that request, I get response from with…
-
Powershell API - Get List of Computers
I am trying to use the Control Center API to get a list of computers from GravityZone. I've got all the basics working. I generated the API key and I am able to authenticate and query data. Now I am trying to use the code at the bottom of this message to get my computers from Active Directory. No matter what I do, it seems…
-
Centralized notification settings
In GravityZone, I've just noticed that my techs have different notification settings that they've individually setup (screenshots below). Is there a reason for this? Only thing I can think of is in case different techs have different responsibilities? Is there a way to centrally manage all of this for all my techs?
-
How to fix install error from Windows Server 2008 Standard?
We are using the trial license to try BitDefender. We use the console to define some policies and generate a package to download. The following is our OS information (using VM): Windows Server 2008 R2 Standard (Service Pack 1) Processor: Intel(R) Core(TM) i5-10500 CPU @ 3.10GHz 3.10GHz RAM: 4.00GB System type: 64-bit…
-
Gravity Zone - All Modules expired.
Hello, I have a problem on 3 PCs. The Bitdefender client indicates that all modules are expired and that the administrator (me) must be contacted. In the admin console, the PCs appear as offline although that is not the case. Moreover, the client updates without errors. I also do not have any…
-
Any way to get a list of all endpoints in gravityzone, including which group they're in?
I'm trying to clean up and reorganize our endpoints in Gravityzone. I'd like to periodically dump a list of endpoints, *including the group name* into a spreadsheet. I can run reports and export these to CSV, but 'Group' is not a column in any of the reports that I've seen. I can set the filter under Network to Depth ->…
-
Has anyone tried linking BitDefender/GZ to Microsoft Sentinel?
I am using the SIEM instructions provided here: I can't seem to get the connection to work and was wondering if anyone had tried the same or could point me in the right direction. Thanks!
-
Delete PUP / PUA on scan
Our company uses Gravity Zone to manage BitDefender. We keep getting PUAs showing in log reports; however, they do not get quarantined or deleted. We would like to set it so that these files get removed, however I cannot find any option in the AV settings to delete PUPs, only a checkbox to scan for them or not. Does anyone…
-
How to have log visibility and RED traffic report in BitDefender GravityZone?
We are currently doing tests with one of our clients. We have the Active Firewall and network protection module. It turns out that they run a censorship circumvention program called psiphon3 but neither the antivirus nor any of the other modules block it or detect it as suspicious. The curious thing is that I see the…
-
Global Company - Any Problems Managing Devices in BD Gravity Zone
New client with staff in Taiwan, Korea, and India. Onboarding to staff members in the US, will there be any problems when staff in other countries run the installer? Staff speaks English, there won't be any language change between installations.
-
How to add more licenses to Bitdefender GravityZone Business
Hello, We currently have a license for 20 devices, but we would like to add more devices to this plan. How can we go about getting that accomplished?
-
Web portal page is blank
Hello. When I try to access the web portal page for our BitDefender VM (which we use to distribute the BitDefender application), all I get is a white blank page, with nothing on it. I have rebooted the VM, but still only get a white page. It shows the Bitdefender Gravity Zone logo on the tab at the top, but that is all.…
-
OSSEC / Wazuh Ruleset
Hello. We're using OSSEC and Wazuh as HIDS to know the vulnerability status of our workstations. Many AV editors created some rulesets for these tools: https://github.com/ossec/ossec-rules/tree/master/rules.d https://github.com/wazuh/wazuh/tree/master/ruleset/rules , allowing our security team to be informed when the AV…
-
GravityZone Email Security Addon problems since mid November
Before November email worked for the most part, flawlessly. Sometime in Nov something changed with their configuration. They won't admit it and will not assist, no matter how many times I've entered in tickets and called support. They just keep sending me the same directions over and over and over and over again. I follow…