For HomeFor BusinessFor Partners
Enterprise Security Endpoint Protection & Management
6 min read

GravityZone PHASR: Redefining Endpoint Security with Tailored Hardening for Every User

Cristian Iordache

April 23, 2025

GravityZone PHASR: Redefining Endpoint Security with Tailored Hardening for Every User

Cyberattacks have shifted away from using custom malware. Today, attackers use stolen credentials, successfully abuse legitimate applications and reuse playbooks to blend in with normal activity and remain undetected. 

To stop stealthy attacks that leverage legitimate tools and access, we’re introducing Bitdefender GravityZone PHASR, which enables Proactive Hardening and Attack Surface Reduction to reduce your attack surface. PHASR is a groundbreaking solution that minimizes employee attack surfaces by building behavioral risk profiles and enabling easy restriction of unused, risky tools and actions for each user. 

Unnecessarily Large Attack Surfaces and Rise in LOTL Attacks 

Living Off the Land (LOTL) techniques, where attackers employ trusted system tools, are now involved in 70% of cyberattacks. Although IT and security teams utilize robust application allowlisting and attack surface rules, employees still have access to hundreds of risky utilities and applications they never use, which means up to 95% of their attack surface is unnecessary. 

Because conventional endpoint security is static and built to fit all users, organizations can’t uncover and block access to LOTL binaries such as PowerShell, Bitsadmin, WMI or remote admin tools for those who don’t use them, without impacting productivity or generating high administrative overhead. 

Tailored and Precise Hardening Eliminates Unnecessary Risk and Attack Pattern Reuse 

Bitdefender GravityZone PHASR changes the one-size-fits-all security paradigm by tailoring hardening and security configurations to each user’s unique behavior and active attack vectors.  

PHASR uses individualized AI algorithms to continuously learn the behavior patterns for each user-endpoint pair. It then correlates these patterns with Bitdefender Labs threat intelligence to identify risky tools, and playbooks that are used in attacks, which are atypical for specific users and can be safely restricted.  

By going beyond binary application allow/deny decisions to use precise control, and applying restrictions of risky and unusual actions within allowed tools, PHASR can help you achieve unprecedented attack surface reduction. 

PHASR enables security to behave differently on each system, so it neutralizes attack pattern reuse strategies, where attackers perfect a security bypass on one system and reuse it against other systems. 

Deep Attack Surface Reduction Without the Administrative Burden 

One of the biggest challenges in endpoint protection is managing complexity. With dozens of tools, endless configurations, and mounting alerts, security teams are stretched thin.   

PHASR reduces that burden instead of adding to it, and it continuously adapts to evolving behaviors and threats, without requiring maintenance of granular policies and exceptions. It features: 

  • Autopilot Mode allows PHASR to autonomously apply hardening recommendations as user behavior and threat vectors change. 
  • Direct Control Mode gives administrators flexibility to selectively apply changes if desired.
  • Smart Clustering groups users who fit each recommendation to increase efficiency.
  • Risk Dashboards provide actionable metrics and visualizations that help CISOs and security leaders monitor and demonstrate posture improvements and justify investment decisions.  

PHASR is natively integrated into the GravityZone platform, making deployment as easy as a flip of a switch for existing users. After PHASR is activated, attack surface reduction recommendations become available in as little as 30 minutes for existing customers. 

PHASR Real-World Impact and Bitdefender Vision 

Bitdefender GravityZone PHASR is already being recognized as a groundbreaking solution, following an early access program and briefings with key industry analysts and influencers. 

The solution helped early access customers that are already using robust application allowlisting to reduce their attack surface by 30% or more in one month, uncover risky software that was in use but was not supposed to be (such as cryptominers) and identify tools that were unused but accessible. It also enabled security leaders to demonstrate and quantify proactive risk posture improvements to their boards. 

Bitdefender GravityZone PHASR is not an incremental advancement of an existing security category, it is the first solution of its kind that creates tailored and adaptive security for every user. This is a new paradigm for security. By dynamically tailoring attack surface reduction without impacting productivity or burdening IT operations, PHASR stops stealthy attacks that use legitimate tools before they can do damage. 

PHASR is part of the Bitdefender GravityZone Endpoint Security and XDR platform, and it advances our vision of helping all organizations proactively manage risks, achieve compliance effortlessly, and promptly respond to threats.  

Want to learn more about GravityZone PHASR and how it can reduce your attack surface and proactively stop LOTL attacks? Watch the GravityZone PHASR Global Launch Livestream or explore the GravityZone PHASR page. 

tags

Enterprise Security Endpoint Protection & Management

Author

Cristian Iordache

Cristian Iordache

Cristian Iordache is a CISSP and Principal Product Marketing Manager at Bitdefender and has spent more than a decade helping organizations address cybersecurity challenges. He loves to highlight security tips and technologies that are proven to improve security operations efficiency and effectiveness against the most elusive attacks.

View all posts

Right now Top posts

Why Alert Volume Matters: Cutting Through the Noise
Endpoint Protection & Management

Why Alert Volume Matters: Cutting Through the Noise

February 27, 2025

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Meow, Meow Leaks, and the Chaos of Ransomware Attribution
Enterprise Security Ransomware Threat Research Threat Intelligence

Meow, Meow Leaks, and the Chaos of Ransomware Attribution

September 29, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

GravityZone PHASR: Redefining Endpoint Security with Tailored Hardening for Every User
Enterprise Security Endpoint Protection & Management

GravityZone PHASR: Redefining Endpoint Security with Tailored Hardening for Every User
Cristian Iordache

April 23, 2025

7 Types of Business Email Compromise Attacks Targeting Your Organization
SMB Security Enterprise Security

7 Types of Business Email Compromise Attacks Targeting Your Organization
Catalin Cosoi

April 17, 2025

The Hidden Risks of Over-Relying on AI in Cybersecurity
SMB Security Enterprise Security Endpoint Detection and Response

The Hidden Risks of Over-Relying on AI in Cybersecurity
Paul Lupo

April 10, 2025

Bookmarks

loader