HyperDetect
Bitdefender HyperDetect is an additional layer of security specifically designed to detect advanced attacks and suspicious activities in the pre-execution stage.
HyperDetect enhances the security measures by incorporating an additional layer of protection to the current scanning technologies such as On-Access, On-Demand, and Traffic Scan. This added layer is specifically designed to combat the latest forms of cyber-attacks, including advanced persistent threats. HyperDetect significantly improves the effectiveness of the Antimalware and Content Control protection modules by incorporating advanced heuristics that are based on artificial intelligence and machine learning techniques.
HyperDetect is a powerful tool that can accurately anticipate and identify specific attacks, as well as effectively identify advanced malware before it is executed. This advanced technology enables HyperDetect to swiftly identify threats, surpassing the capabilities of traditional signature-based or behavioural scanning methods.
Note
This module is an add-on available with a separate license key or as a part of specific bundles.
Components
HyperDetect uses the following components:
GravityZone Control Center
Security agent (Bitdefender Endpoint Security Tools installed on Windows, Linux, & Mac endpoints)
Security Server Multi-Platform
Install and configure HyperDetect
To start using this feature, follow the steps below:
Note
This feature functions through the Antimalware module, which is included by default in all installation packages. If you already have the BEST agent installed on your endpoints, no further deployment is required.
Testing out the feature
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
Select one of the policies you are using and click Clone Policy.
Go to the Antimalware > Hyper Detect page.
Make sure the feature is enabled and that the Suspicious files and network traffic option is set to Permissive.
Save the policy.
Apply the policy to one of your endpoints where you want to test the feature.
Download this file on the same endpoint.
Open the .zip file using the bdinfected password.
The module will detect the file, trigger an event, and move the file to quarantine.
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
Select one of the policies you are using and click Clone Policy.
Go to the Antimalware > Hyper Detect page.
Make sure the feature is enabled and that the Grayware option is set to Aggressive.
Save the policy.
Apply the policy to one of your endpoints where you want to test the feature.
Download this file on the same endpoint.
Open the .zip file using the bdinfected password.
Extract the paranoia.4.3.exe file.
Execute the file.
The module will detect the file and trigger an event.
Important
Once done testing, re-apply the original policy to the endpoint you used for testing.
View HyperDetect activity
Depending on how you configured your policy, the module will take one of the following actions when a suspicious file or process is discovered:
For files: deny access, disinfect, delete, quarantine, or just report the file.
For network traffic: block or just report the suspicious traffic.