Latest news with #Bitdefender
Channel Post MEA
2 days ago
- Business
- Channel Post MEA
Bitdefender Launches External Attack Surface Management Solution GravityZone EASM
Bitdefender has announced Bitdefender GravityZone External Attack Surface Management (EASM), a new solution that gives businesses, managed service providers (MSPs) and their customers comprehensive visibility into their internet-facing assets and associated vulnerabilities. GravityZone EASM dramatically reduces threat exposure and strengthens security operations through centralized discovery, monitoring, and management of expanding attack surfaces. The attack surface, encompassing all potential entry points for adversaries, is rapidly expanding due to digital transformation, cloud adoption, remote work, and increased connectivity with third-party infrastructure, including partners and customers. Without centralized oversight, assets such as unused domains, misconfigured cloud instances, and expired certificates often go unnoticed—leaving organizations vulnerable to attackers who continuously scan the internet for exposed systems. According to Gartner®, 'Through 2029, more than 60% of security incidents will be traced to misconfigured technical security controls.'¹ Additionally, a recent survey of 1,200 cybersecurity professionals found that reducing the attack surface is a top priority in their security operations. Bitdefender GravityZone EASM is agentless, requiring no endpoint deployment, and delivers a powerful, proactive approach to identifying and understanding external risks while reducing the attack surface. It continuously discovers, maps, and analyzes internet-exposed assets from an attacker's perspective, enabling organizations to quickly assess risk, identify vulnerabilities, and take action before they are exploited. The solution is available as an add-on to Bitdefender GravityZone, the company's unified security, risk analytics, and compliance platform that delivers advanced endpoint protection (EPP), endpoint detection and response (EDR), extended detection and response (XDR), and cloud-native security. GravityZone EASM scans a wide range of asset types, including IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. From these scans, it delivers comprehensive asset discovery by detecting publicly exposed IPs, expiring or expired certificates, vulnerable public services, open ports, and more—ensuring no asset is overlooked. Key Benefits of Bitdefender GravityZone EASM: Fast internet-facing asset discovery – GravityZone EASM scans and maps all internet-facing assets including devices, domains, subdomains, applications, certificates, third-party connections, shadow IT, and more—in as little as 30 minutes. It delivers comprehensive visibility into a business's attack surface, even for unmanaged or forgotten assets. – GravityZone EASM scans and maps all internet-facing assets including devices, domains, subdomains, applications, certificates, third-party connections, shadow IT, and more—in as little as 30 minutes. It delivers comprehensive visibility into a business's attack surface, even for unmanaged or forgotten assets. Continuous vulnerability monitoring, alerting, and prioritization – GravityZone EASM continuously monitors and detects vulnerabilities and misconfigurations across internal and external assets, including those managed by partners, customers, and supply chain vendors. It delivers immediate, context-rich alerts for exposed systems, expired certificates, and high-risk threats. Alerts are prioritized by severity (e.g., CVE scores) to streamline response and remediation. – GravityZone EASM continuously monitors and detects vulnerabilities and misconfigurations across internal and external assets, including those managed by partners, customers, and supply chain vendors. It delivers immediate, context-rich alerts for exposed systems, expired certificates, and high-risk threats. Alerts are prioritized by severity (e.g., CVE scores) to streamline response and remediation. Unified security, risk management, and compliance – Seamlessly integrated with Bitdefender GravityZone, combining security, risk analytics, and compliance—GravityZone EASM supports both strategic and operational use cases. Security analysts can leverage it for threat analysis and vulnerability prioritization, while administrators benefit from broader security management capabilities such as policy enforcement and access control configuration—all within a single platform. 'Security teams across businesses and MSPs face increasing pressure to keep pace with expanding attack surfaces, driven by digital transformation and complex third-party ecosystems,' said Andrei Florescu, president and general manager at Bitdefender Business Solutions Group. 'Effective defense-in-depth security starts by reducing the attack surface as much as possible before threats reach the detection and response layers. GravityZone EASM is a critical part of our vision for unified security, risk management, and compliance, enabling proactive discovery and control of internet-facing assets that could serve as potential entry points for attackers.' Availability Bitdefender GravityZone EASM is available now for select GravityZone license tiers, and Bitdefender MDR services. For more information, visit here.
Time of India
2 days ago
- Health
- Time of India
Govt launches website to curb drug abuse
Ranchi: State rural development and Panchayati Raj minister Dipika Pandey Singh launched a website containing ill-effects of drug use, government policies, legal provisions, de-addiction and rehabilitation as its statewide campaign to curb drug use ended on Thursday. During the event, held at Shaurya Hall in Doranda, officials said over 12,000 awareness programs were held across panchayats and districts during the fortnight long campaign. "Under chief minister Hemant Soren's directions, the deputy commissioners and the superintendents of police ensured that the awareness campaign reaches the villages. Many youths and women participated in the functions. We, however, must catch the kingpins of drug supplies. The addicted persons should be treated as patients and be de-addicted and rehabilitated," Pandey said. Chief secretary (CS) Alka Tiwari said that the network of drug peddlers is increasing rapidly, and a coordinated effort is needed to check it. "Earlier, we used to think of Punjab and north-eastern states while talking of drug abuse. Now, it is a problem for Jharkhand also. There is need for awareness drive in the offices as employees also can take to drugs under stress," she said. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like La protección de Bitdefender detiene el fraude antes de que se produzca Bitdefender Undo Principal secretary home Vandana Dadel said the administration destroyed poppy plants, which is used for making opium on over 27,000 acres in 2024-25 season. "We are conducting a training programme for 238 mukhiyas of the destructed areas to ensure that poppy cultivation does not occur there," Ranchi: State rural development and Panchayati Raj minister Dipika Pandey Singh launched a website containing ill-effects of drug use, government policies, legal provisions, de-addiction and rehabilitation as its statewide campaign to curb drug use ended on Thursday. During the event, held at Shaurya Hall in Doranda, officials said over 12,000 awareness programs were held across panchayats and districts during the fortnight long campaign. "Under chief minister Hemant Soren's directions, the deputy commissioners and the superintendents of police ensured that the awareness campaign reaches the villages. Many youths and women participated in the functions. We, however, must catch the kingpins of drug supplies. The addicted persons should be treated as patients and be de-addicted and rehabilitated," Pandey said. Chief secretary (CS) Alka Tiwari said that the network of drug peddlers is increasing rapidly, and a coordinated effort is needed to check it. "Earlier, we used to think of Punjab and north-eastern states while talking of drug abuse. Now, it is a problem for Jharkhand also. There is need for awareness drive in the offices as employees also can take to drugs under stress," she said. Principal secretary home Vandana Dadel said the administration destroyed poppy plants, which is used for making opium on over 27,000 acres in 2024-25 season. "We are conducting a training programme for 238 mukhiyas of the destructed areas to ensure that poppy cultivation does not occur there,"
The Verge
2 days ago
- The Verge
Microsoft is moving antivirus providers out of the Windows kernel
It's been nearly a year since a faulty CrowdStrike update took down 8.5 million Windows-based machines around the world, and Microsoft wants to ensure such a problem never happens again. After holding a summit with security vendors last year, Microsoft is poised to release a private preview of Windows changes that will move antivirus (AV) and endpoint detection and response (EDR) apps out of the Windows kernel. The new Windows endpoint security platform is being built in cooperation with CrowdStrike, Bitdefender, ESET, Trend Micro, and many other security vendors. 'We've had dozens of partners supply papers to us, some of them hundreds of pages long, on how they'd like it to be designed and what the requirements are,' explains David Weston, vice president of enterprise and OS security at Microsoft, in an interview with The Verge. 'I've been really pleased with this. It's an industry of competitors but everyone has stepped up and said we've got to build a platform that all of us work on.' Microsoft is keen to stress that it's not setting the rules and expecting everyone to immediately follow them, but instead build the rules together. 'We're not here to tell them how the API should work, we're here to listen and provide the security and reliability,' Weston says. 'I think if we'd gone out that some of our competitors and said, 'Here it is, take it or leave it,' that would really be a challenge.' For decades, Microsoft has built Windows in a way that has allowed developers to deliver security software that's deeply rooted into Windows, running at the kernel level of Windows — the core part of an operating system that has unrestricted access to system memory and hardware. The faulty CrowdStrike update last year highlighted just how easy it is for a kernel-level driver to go wrong and take down a machine, resulting in a Blue Screen of Death (BSOD). Microsoft now has some of its most knowledgeable Windows engineers working on these security changes. 'We've had key developers on this, some of the kernel architects of Windows and people that don't even traditionally work in security,' Weston says. 'It's really the biggest brains of core Windows being involved and collaborating with CrowdStrike, ESET, and all those folks.' The private preview will give security vendors a chance to request changes. Weston says he expects a few iterations until it's ready for vendors to make the switch. It's also not going to solve every single kernel-level driver instance straight away. 'Our goal is to start with AV and EDR, but there will likely be kernel drivers for some period as we move on to the next set of use cases.' Another big area of Windows that uses kernel-level drivers is anti-cheating engines for games. Microsoft has been speaking with game developers about how to reduce the amount of kernel usage, but it's a more complicated use case as cheaters often have to purposefully tamper with their machine to disable protections and get cheating engines running. 'A lot of [game developers] would love to not have to maintain kernel stuff, and they are very interested in how they do that,' Weston says. 'We've been talking about the requirements there, and I think we'll have more to say on that in the near future.' Riot Games told me last year that it's willing to follow potential Windows security changes and 'recede from the kernel space.' While it's going to take Microsoft and security vendors some time to work through these Windows changes, Microsoft is confident that it will see good adoption rates because its customers are asking for changes in the wake of the CrowdStrike incident. Microsoft is also getting ready to release a Windows update later this summer that will include a new Quick Machine Recovery feature, which is designed to quickly restore machines that can't boot. It prompts a device to enter the Windows Recovery Environment, where the machine can access the network and provide Microsoft with diagnostic information. 'We basically built the thing we'd love to have had for the incident last year,' Weston says. The sight of a Blue Screen of Death will also be a thing of the past, too. Microsoft is now officially redesigning its BSOD so that it's black and not blue. More on that big change here.
Techday NZ
3 days ago
- Business
- Techday NZ
Bitdefender unveils EASM for proactive attack surface security
Bitdefender has launched a solution designed to provide managed service providers, businesses, and their customers with comprehensive oversight of internet-facing assets and related vulnerabilities. The release of GravityZone External Attack Surface Management (EASM) comes amid growing focus on attack surface reduction, a strategic priority identified by cybersecurity experts and highlighted in recent industry research. Gartner forecasts suggest that, through 2029, over 60% of security incidents will be linked to misconfigured technical security controls. A recent survey of 1,200 cybersecurity professionals also places attack surface reduction at the forefront of their operational concerns. The evolving digital landscape, fuelled by ongoing digital transformation, widespread cloud adoption, remote work trends, and increased integration with third-party infrastructure, is expanding the range of potential entry points that adversaries could exploit. Bitdefender pointed out that, without effective oversight, assets such as abandoned domains, improperly configured cloud resources, and expired digital certificates may go unnoticed, potentially leaving organisations exposed to attackers who habitually probe the internet for vulnerabilities. The EASM module is designed to work without requiring deployment on endpoints, providing a proactive mechanism for identifying and assessing external risks while aiming to minimise the scope of possible attack vectors. By continually discovering, mapping, and analysing internet-exposed assets from the same perspective as potential attackers, organisations are positioned to assess risk, identify vulnerabilities, and take remedial actions before any potential exploitation. GravityZone EASM is provided as an add-on to Bitdefender GravityZone, which is the company's platform for endpoint protection, endpoint detection and response, extended detection and response, and cloud-native security. The system scans a wide range of asset categories, such as IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. Comprehensive asset discovery is achieved by identifying public IPs, alerting to expiring or expired certificates, highlighting vulnerable public services, and recognising open network ports. This asset review process is intended to ensure that all relevant systems are accounted for in centralised monitoring and management. Features Bitdefender highlighted that GravityZone EASM delivers rapid discovery and visibility by scanning and mapping all internet-facing assets—including devices, domains, subdomains, applications, certificates, connections to third parties, and instances of shadow IT—within as little as 30 minutes. Organisations are provided with a full view of their attack surface, extending even to assets that are unmanaged or no longer in regular use. The solution incorporates continuous vulnerability monitoring and alerting. It detects vulnerabilities and misconfigurations across both internal and external systems, including assets managed by external partners, customers, and entities within the supply chain. Immediate, context-rich alerts for exposed systems, expired certificates, and high-risk threats are generated. Alerting is prioritised according to severity, such as CVE scores, to optimise the response processes and remediation actions. GravityZone EASM forms part of a unified approach for security, risk management, and compliance within the GravityZone platform. By integrating these functionalities, both security analysts and administrators can leverage the solution for use cases such as threat analysis, vulnerability prioritisation, policy enforcement, and configuration of access controls. All operations are managed within a single platform. "Security teams across businesses and MSPs face increasing pressure to keep pace with expanding attack surfaces, driven by digital transformation and complex third-party ecosystems," said Andrei Florescu, President and General Manager at Bitdefender Business Solutions Group. "Effective defence-in-depth security starts by reducing the attack surface as much as possible before threats reach the detection and response layers. GravityZone EASM is a critical part of our vision for unified security, risk management, and compliance, enabling proactive discovery and control of internet-facing assets that could serve as potential entry points for attackers." Bitdefender GravityZone EASM is available as an option to select license tiers of GravityZone and for use in conjunction with the company's managed detection and response services.
Scoop
3 days ago
- Business
- Scoop
Bitdefender Launches Powerful External Attack Surface Management Solution For Businesses And Managed Service Providers
Bitdefender, a global cybersecurity leader, today announced Bitdefender GravityZone External Attack Surface Management (EASM), a new solution that gives businesses, managed service providers (MSPs) and their customers comprehensive visibility into their internet-facing assets and associated vulnerabilities. GravityZone EASM dramatically reduces threat exposure and strengthens security operations through centralised discovery, monitoring, and management of expanding attack surfaces. The attack surface, encompassing all potential entry points for adversaries, is rapidly expanding due to digital transformation, cloud adoption, remote work, and increased connectivity with third-party infrastructure, including partners and customers. Without centralised oversight, assets such as unused domains, misconfigured cloud instances, and expired certificates often go unnoticed – leaving organisations vulnerable to attackers who continuously scan the internet for exposed systems. According to Gartner®, 'Through 2029, more than 60% of security incidents will be traced to misconfigured technical security controls.'¹ Additionally, a recent survey of 1,200 cybersecurity professionals found that reducing the attack surface is a top priority in their security operations. Bitdefender GravityZone EASM is agentless, requiring no endpoint deployment, and delivers a powerful, proactive approach to identifying and understanding external risks while reducing the attack surface. It continuously discovers, maps, and analyses internet-exposed assets from an attacker's perspective, enabling organisations to quickly assess risk, identify vulnerabilities, and take action before they are exploited. The solution is available as an add-on to Bitdefender GravityZone, the company's unified security, risk analytics, and compliance platform that delivers advanced endpoint protection (EPP), endpoint detection and response (EDR), extended detection and response (XDR), and cloud-native security. GravityZone EASM scans a wide range of asset types, including IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. From these scans, it delivers comprehensive asset discovery by detecting publicly exposed IPs, expiring or expired certificates, vulnerable public services, open ports, and more – ensuring no asset is overlooked. Key Benefits of Bitdefender GravityZone External Attack Surface Management: Fast internet-facing asset discovery – GravityZone EASM scans and maps all internet-facing assets including devices, domains, subdomains, applications, certificates, third-party connections, shadow IT, and more – in as little as 30 minutes. It delivers comprehensive visibility into a business's attack surface, even for unmanaged or forgotten assets. Continuous vulnerability monitoring, alerting, and prioritisation – GravityZone EASM continuously monitors and detects vulnerabilities and misconfigurations across internal and external assets, including those managed by partners, customers, and supply chain vendors. It delivers immediate, context-rich alerts for exposed systems, expired certificates, and high-risk threats. Alerts are prioritised by severity (e.g., CVE scores) to streamline response and remediation. Unified security, risk management, and compliance – Seamlessly integrated with Bitdefender GravityZone, combining security, risk analytics, and compliance – GravityZone EASM supports both strategic and operational use cases. Security analysts can leverage it for threat analysis and vulnerability prioritisation, while administrators benefit from broader security management capabilities such as policy enforcement and access control configuration – all within a single platform. 'Security teams across businesses and MSPs face increasing pressure to keep pace with expanding attack surfaces, driven by digital transformation and complex third-party ecosystems,' said Andrei Florescu, president and general manager at Bitdefender Business Solutions Group. 'Effective defence-in-depth security starts by reducing the attack surface as much as possible before threats reach the detection and response layers. GravityZone EASM is a critical part of our vision for unified security, risk management, and compliance, enabling proactive discovery and control of internet-facing assets that could serve as potential entry points for attackers.'
