What’s New in GravityZone January 2024 (v6.47)

Grzegorz Nocoń

January 24, 2024

What’s New in GravityZone January 2024 (v6.47)

On January 23rd, Bitdefender rolled out new functionality in Bitdefender GravityZone, a comprehensive cybersecurity platform that provides prevention, protection, detection, and response capabilities for organizations of all sizes. These features, consistent with our multi-layered security strategy, are intended to ease the workload of security analysts, administrators, and users.

What's New for Security Analysts

In a dynamic cybersecurity landscape, security analysts are responsible for uncovering any signs of potential sophisticated attacks to make the invisible visible. This section describes new functionality designed to elevate the capabilities of analysts, offering enhanced tools for threat detection, investigation, and response.

Downloading Quarantined Items as Password-Protected Archives

With the latest update, Security Analysts can download quarantined files for further analysis, from Microsoft Windows OS endpoints. The files available for download are restricted to 25MB each. Once it is retrieved by the administrator, the endpoint uploads the file to GravityZone, where the administrator can download it in a password-protected archive. GravityZone can store up to 10 files, allowing for manual removal or automatic deletion after 24 hours. After deletion, the administrator can initiate a new retrieval process.

Bitdefender GravityZone Computers and VMs Quarantine management.

All the actions taken will be stored in the User Activity section for compliance purposes.

Bitdefender GravityZone User Activity section.

Administrators can decide whether the partner managing their environment can also download files. Permissions can only be added using an account with Company Administrator permission from the child company (customer). All company administrators will receive an email notification each time the partner retrieves the file from quarantine.

Bitdefender GravityZone notification email.

This feature empowers administrators with tools for efficient local analysis, controlled collaboration with trusted partners, and real-time notifications.

What’s new for Administrators

With administrators constantly juggling numerous tasks and responsibilities, tools designed to make their daily tasks easier are highly appreciated. This section describes new functionality designed to facilitate the management of features responsible for prevention, protection, and detection in a defense-in-depth security architecture.

Power User Command Line

The Power User module provides administrative rights at the endpoint level for troubleshooting purposes. It is not available by default and can be managed during the creation of the installation package or installed directly from the Network section in the GravityZone management console. More configuration information is available on the GravityZone Knowledgebase.

With the latest update, the Power User feature transitions from being GUI-based functionality to CLI commands, and it is now also available on the ARM64 architecture. This change will result in a lighter product footprint (saving around 100MB of disk space) and allow us to keep compatibility with older operating systems. Additionally, the CLI provides more granular control over the feature's functionalities. While a graphical interface for these complex policies has limitations in terms of capabilities, the CLI allows for precise control of all modules. We'll be introducing new commands to address various use cases, and the added benefit of scripting enables remote execution of Power User tasks.

Using this functionality administrators can easily manage endpoint policies locally on the stations. This includes checking the status, activating, and deactivating selected features. The modules include Antimalware On-Access Scanning, Firewall, Advanced Threat Control, Live Search, Integrity Monitoring, Command-Line Scanner, Sandbox Analyzer, Advanced Anti-Exploit, Ransomware Mitigation, Risk Management, Incident Sensor, Network Protection, Device Control, and Hyper Detect functionality

BEST Power User interface

Power User commands available for the administrator:

  • PowerUser help - lists of all the available commands.
  • PowerUser Get settings - overview of all features with their status.
  • <Feature> Get config - show the actual status of the selected feature.
  • <Feature> enable / disable - enables or disables the selected feature.
  • PowerUser reset - resets all changes performed via the console by re-applying the most recent GravityZone policy.


BEST Power User interface.

Power User functionality empowers administrators with more efficient and flexible ways to perform troubleshooting on the Bitdefender Endpoint Security Tools (BEST) agent.

Summary

Bitdefender GravityZone platform stands out from the crowd, offering a one-stop solution for all your organization's security needs. As the digital landscape evolves, Bitdefender remains proactive, providing prevention, protection, detection, and response capabilities, ensuring the ongoing safety of organizations of all sizes worldwide.

To learn more about the Bitdefender GravityZone platform, contact us or a Bitdefender partner for more information. You can also start a free trial by requesting a demo here .

tags


Author


Grzegorz Nocoń

Grzegorz Nocon is a graduate of the Faculty of Physics at the University of Silesia. With over 16 years of experience in the IT industry, he currently works as a Technical Marketing Engineer at Bitdefender. A strong supporter of a holistic approach to security and passionate about solving security problems in a comprehensive and integrated way. Outside of work, an avid CrossFit enthusiast and a lover of fantasy literature.

View all posts

You might also like

Bookmarks


loader