BitDefender has announced BitDefender Gravityzone External Attack Surface Management (EASM), a new solution that offers companies, managed service providers (MSP) and its customers a Integral visibility of its assets exposed to the Internet and its associated vulnerabilities. Gravityzone EASM drastically reduces exposure to threats and strengthens security operations through discovery, monitoring and centralized management of constantly expanding attack surfaces.
The attack surface, which covers all potential entry points for attackers, is growing rapidly due to digital transformation, cloud adoption, remote work and growing connectivity with third -party infrastructure, including partners and customers. Without centralized supervision, assets such as disused domains, badly configured and certificated cloud instances usually go unnoticed, leaving vulnerable organizations to attackers that constantly scan the Internet in search of exposed systems.
According to Gartner, “By 2029, more than 60 % of security incidents will originate from poorly configured security technical controls”. In addition, a recent survey of 1,200 cybersecurity professionals revealed that reducing the attack surface is one of the main priorities in its safety operations.
BitDefender Gravityzone EASM does not require agents or implementation in the Endpoints, and provides a powerful and proactive approach to identify and understand external risks while reducing the attack surface. Discover, mapping and continuously analyze the assets exposed from the perspective of an attacker, allowing organizations to evaluate risks quickly, identify vulnerabilities and act before they are exploited.
The solution is available as a Bitdefender Gravityzone complementthe Unified Security Platform, Risk Analysis and Compliance with the Company, which offers Advanced Protection of Endpoints (EPP), detection and response of Endpoints (EDR), Extended Detection and Response (XDR) and Native cloud security.
Gravityzone EASM scan a wide range of assets types, including IPv4 and IPV6 addresses, IP blocks, email addresses and domains. From these scanning, it offers an exhaustive discovery of assets through the detection of exposed public IPS, expired certificates or for expiring, vulnerable public services and open ports, among others, ensuring that no asset is without reviewing.
BitDefender Gravityzone EASM, main features
- Rapid discovery of internet assets: Gravityzone EASM Scan and maps all assets accessible from the Internet, including devices, domains, subdomains, applications, certificates, connections with third parties, and unauthorized or not managed technology systems by the IT department (known as Shadow It), among others – in only 30 minutes. It offers complete visibility of the attack surface of a company, even forgotten or non -supervised assets.
- Continuous monitoring of vulnerabilities, alerts and prioritization: Gravityzone EASM supervises and continuously detects vulnerabilities and configuration errors in internal and external assets, including those managed by partners, customers and suppliers of the supply chain. It provides immediate and contextualized alerts on exposed systems, expired certificates and high -risk threats, prioritized by gravity (for example, CVE scores) to facilitate the response and mitigation.
- Risk management and compliance: Integrated fluidly with BitDefender Gravityzone, combining safety, risk analysis and compliance. Gravityzone EASM supports both strategic and operational cases. Security analysts can use it for threat analysis and prioritization of vulnerabilities, while administrators benefit from broader management capabilities such as policy application and access control configuration, all from a single platform.
BitDefender Gravityzone EASM is now available for certain levels of Gravityzone license and for Bitdefender MDR services.
