Bitdefender GravityZone Integration
Written by Ali Murtaza
Updated over a week ago

About Bitdefender

GravityZone Business Security is a resource-efficient cybersecurity package that ensures complete protection against all types of malware: ransomware, phishing, zero-day attacks, viruses, and spyware. By using multiple machine learning techniques, behavioral analysis, and continuous monitoring of running processes, it keeps up with the latest threats.

The machine learning and behavioral analysis capabilities of GravityZone, combined with SIRP’s risk-based SOAR platform, provide SOC teams with an unparalleled defense posture. SOC teams can continuously monitor running processes on endpoints to keep up with the latest threats.

Supported Actions

SIRP’s GravityZone integration app allows you to execute the following actions:

| S.no | Action | Description |
|------|--------|-------------|
| 1 | Initiate Memory Scan by Hostname | Launches a memory scan on the specified endpoint |
| 2 | Initiate Full Scan by Host | Launches a full scan on the specified endpoint |
| 3 | Initiate Quick Scan by Hostname | Launches a quick scan on the specified endpoint |
| 4 | Initiate Quick Scan by Hostname | Launches a quick scan on the specified endpoint |
| 5 | Create Rule for Destination IP as Detection | Create a custom detection rule for a destination IP |
| 6 | Create Rule for Source IP as Detection | Create a custom detection rule for a source IP |
| 7 | Create Rule for Source IP as Exclusion | Create a custom exclusion rule for a source IP |
| 8 | Create Rule for Destination IP as an Exclusion | Create a custom exclusion rule for destination IP |
| 9 | Delete Endpoint | Deletes a specified endpoint |
| 10 | Get Endpoint Details | Returns details of specified endpoint |
| 11 | Isolate Endpoint | Isolates an endpoint |
| 12 | Push Hash to Blocklist | Adds a new hash to the Blocklist |
| 13 | Remove Hash from Blocklist | Removes a specific hash from the Blocklist |
| 14 | Unisolate Endpoint | Unisolates an endpoint |
| 15 | Set Endpoint Label | Sets a label to an endpoint |

Enable and Configure the Bitdefender App

Create GravityZone API Credentials

  • Log in to your GravityZone instance.

  • Click on My Account from the dropdown in the upper-left corner.

  • Under Control Center API, click Add to generate an API key.

  • Add an API Key Description, check Network API and Incidents API, and click Save.

  • Copy the API key to a notepad.

Configure Bitdefender App in SIRP

  • Next, log in to SIRP, then go to Apps from the left navigation bar.

  • Locate the Bitdefender App.

  • Click on the Toggle button to enable the app.

  • As soon as you enable the App, you will get an option to add the configuration details.

  • Add the following details and click Save:

    • Configuration Name <Enter a distinct name>

    • URL <URL of the Bitdefender cloud instance>

    • API-Key <The API Key generated in the earlier step>

GravityZone in Action

Once the integration between SIRP and Bitdefender is complete, you can execute all the supported actions. For example, click on a hash, then select Bitdefender > Push Hash to Blocklist.

Once the action executes successfully, the hash is blocked within GravityZone.
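What a Push Hash to Blocklist call might look like on the wire, as an added example that is not SIRP's or Bitdefender's code: it validates the hash and builds the request without sending it. The Incidents API path, the addToBlocklist method with its parameters and hashType codes, and the Basic-auth scheme are assumptions based on Bitdefender's public API reference and should be checked against it; the URL, key and request id are placeholders.

```python
import base64
import json
import re

# Assumed from Bitdefender's public API reference, not from this guide:
# JSON-RPC 2.0, the Incidents API path, addToBlocklist and its hashType codes.
INCIDENTS_PATH = "/v1.0/jsonrpc/incidents"
HASH_TYPES = {64: 1, 32: 2}  # hex length -> hashType (1 = SHA256, 2 = MD5)


def classify_hash(value):
    """Return (lowercase digest, hashType) or raise ValueError."""
    value = value.strip()
    if not re.fullmatch(r"[0-9a-fA-F]+", value) or len(value) not in HASH_TYPES:
        raise ValueError(f"not an MD5 or SHA256 hex digest: {value!r}")
    return value.lower(), HASH_TYPES[len(value)]


def build_blocklist_request(base_url, api_key, file_hash, source_info):
    """Build (url, headers, body) for one hash; nothing is sent."""
    if not base_url.lower().startswith("https://"):
        raise ValueError("the API key must only travel over HTTPS")
    digest, hash_type = classify_hash(file_hash)
    # Assumed scheme: API key as Basic-auth username, empty password.
    token = base64.b64encode(f"{api_key}:".encode()).decode()
    body = {
        "jsonrpc": "2.0",
        "id": "sirp-blocklist-1",  # constructed request id
        "method": "addToBlocklist",
        "params": {"hashType": hash_type, "hashList": [digest],
                   "sourceInfo": source_info},
    }
    headers = {"Content-Type": "application/json",
               "Authorization": f"Basic {token}"}
    return base_url.rstrip("/") + INCIDENTS_PATH, headers, json.dumps(body)


if __name__ == "__main__":
    # Constructed inputs: placeholder URL and key, SHA256 of an empty file.
    url, headers, body = build_blocklist_request(
        "https://gravityzone.example/api", "PLACEHOLDER_API_KEY",
        "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
        "SIRP case (constructed)")
    print(url)   # headers are not printed: they carry the key
    print(body)
```

Rejecting anything that is not a 32- or 64-character hex digest before the call keeps malformed or unsupported indicators (a SHA1, a file path) out of the Blocklist.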
