Small Business Security Suite

Ideal for businesses looking for powerfully simple security

GravityZone Business Security Premium

Recommended to companies looking for aggressive protection against sophisticated threats.

Learn More

GravityZone Business Security

Ideal for small businesses looking for simple, yet efficient security.

Learn More

Small Business Security

Ideal for small businesses looking for set-and-forget security.

Learn More

Management Options

On premises / Cloud
On premises / Cloud
Cloud
Types of Endpoints Protected

Consistent, next-gen defenses across any type of endpoints

Physical and Virtual Workstations and Servers

State of the art security for end-user devices.
yes
yes
yes

Server Security with Smart Centralized Scanning (VDI, DaaS) - on-premises or in the cloud. (Also available by CPU socket licensing.)

Pro-VM, Pro-Cloud defenses with Smart Centralized Scanning for high performance and optimum user experience.
yes

Microsoft® Exchange

Unrivalled defense against malware, spam and phishing attempts.
yes
Security Technologies

Endpoint Risk Analytics

Assesses, prioritizes and hardens endpoint security misconfigurations and settings with an easy-to-understand prioritized list.
yes (Cloud Console Only)
yes (Cloud Console Only)

Web Threat Protection

Scans incoming web traffic, including SSL, HTTP and HTTPS traffic, to prevent the download of malware to the endpoint. Automatically blocks phishing and fraudulent web pages. Displays search ratings signaling trusted and untrusted pages.
yes
yes
yes

Device Control

Threats are often introduced into the company via removable devices. Choose which devices to allow to run and decide what will be blocked or scanned automatically.
yes
yes

Application Blacklisting

Enables full visibility and control of running applications by blacklisting unwanted software. Helps limit the risk of malicious code running undetected.
yes
yes

Application Control (Whitelisting)

Provides full visibility and control of applications installed or running on company endpoints, and prevents the execution of any application not allowed by policy.
yes (On-Premises Console Only)

Firewall

Fully-featured two-way firewall that controls applications’ access to the network and to the Internet. Furthermore, the firewall can protect the system against port scans, restrict ICS and warn when new nodes join a Wi-Fi connection
yes
yes
yes

Sandbox Analyzer

Sends suspicious files for detonation, analyzes and provides a verdict in real time. Detects zero-day and targeted attacks; Prevents real time attack prevention with auto-submit; Analyzes once enterprise-wide block.
yes

HyperDetect™ (Tunable Machine Learning)

Tunable machine learning layer, detects sophisticated threats. Blocks hacking tools, fileless attacks, zero-day malware and more.
yes

Smart Centralized Scanning

Allows up to 30% more virtual machines than traditional solutions by optimizing and centralizing scan tasks.
yes

Local and Cloud Machine Learning

Predictive detection of unknown malware; Dynamic file analysis trained on billions of samples; Local machine learning trained on 80,000 malware features.Threat intelligence from millions of endpoints globally.
yes
yes
yes

Advanced Anti-Exploit

Focuses on attack tools and techniques to detect both known and zero-day exploits that target popular software applications.
yes
yes
yes

Process Inspector

Behavior-based real time detection; Monitors all processes running in the operating system and if the process is deemed malicious, will terminate it.Formerly known as Advanced Threat Control (ATC).
yes
yes
yes

Ransomware Mitigation

Creates a real-time backup of the files before being modified by the suspicious process to mitigate the risk of losing data during advanced ransomware attacks.
yes
yes
yes

Automatic Disinfection and Removal

Automatically blocks confirmed threats through a set of predefined rules, including process termination, moving to quarantine or access blocking.
yes
yes
yes

Fileless Attacks Defense

Protects against attacks that attempt to write changes directly in memory.
yes
yes

Network Attack Defense

Protects against threats that use network vulnerabilities.
yes
yes

Extend Security with Compatible Products

Charged Add-ons

Security for Email

For all email clients, including Office 365
available (Cloud Console Only)
available (Cloud Console Only)
available

Patch Management

Keeps OSes and applications up to date across the entire Windows install base
available
available
available

Full Disk Encryption

Protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and macOS (FileVault).
available
available
available

Security for Mobile

On-device mobile security solution for iOS, Android and ChromeOS devices
available (Cloud Console Only)
available (Cloud Console Only)
available (Cloud Console Only)
Compatible Products

Advanced Threat Intelligence

Collects data from sensors across the globe - correlate hundreds of thousands of Indicators of Compromise and turn data into actionable, real-time insights.
Compatible
Compatible
Compatible

Security for Storage

Complete security solutions for data storage protection for enterprise ICAP-compatible file-sharing and network storage systems

Security for AWS

Built for virtualization, offers flexible pricing, and scales to your size and needs for optimal return on investment
Compatible
Compatible
Compatible
Available Services

Professional Services

Empower your organization with optimal security configuration, protection and tailored services.
Available
Available
Available

Premium Support

Choose the Silver, Gold or Platinum Premium Enterprise Support packages, depending on the response times and the types of proactive services necessary for your organization.
Available
Available
Available
Details
Covers desktops, servers and Exchange mailboxes. No more than 35% of licenses can be used on servers.
Covers servers and desktops. Servers should account for less than 30% of total units
Covers servers and desktops. Servers should account for less than 30% of total units

Medium and Large Business Security Suite

Ideal for Medium Businesses and Large Enterprise with comprehensive, advance security needs and strict compliance requirements

GravityZone Business Security Enterprise

Recommended to companies looking for an integrated next-gen endpoint protection and EDR platform that accurately protects against sophisticated cyber threats.'

Looking for an independent EDR solution?

Learn more

GravityZone Business Security Premium

Recommended to companies looking for a single platform that integrates prevention, hardening, and risks & incidents analytics.

Learn more

GravityZone à la carte

Recommended for companies looking for integrated security with maximum licensing flexibility.

Learn more

Management Options

On premises / Cloud
On premises / Cloud
On premises / Cloud
Types of Endpoints Protected

Consistent, next-gen defenses across any type of endpoints

Physical and Virtual Desktops and Laptops

State of the art security for end-user devices.
yes
yes
yes

Server Security with Smart Centralized Scanning (VDI, DaaS) - on-premises or in the cloud. (Also available by CPU socket licensing.)

Pro-VM, Pro-Cloud defenses with Smart Centralized Scanning for high performance and optimum user experience.
yes
yes
yes

Microsoft® Exchange

Unrivalled defense against malware, spam and phishing attempts.
yes
yes
yes (On-Premises Console Only)

Security Technologies

Prevention Modules

Local and Cloud Machine Learning

Predictive detection of unknown malware; Dynamic file analysis trained on billions of samples; Local machine learning trained on 80,000 malware features.Threat intelligence from over 500 million endpoints globally.
yes
yes
yes

Advanced Anti-Exploit

Focuses on attack tools and techniques to detect both known and zero-day exploits that target popular software applications.
yes
yes
yes

Automatic Disinfection and Removal

Automatically blocks confirmed threats through a set of predefined rules, including process termination, moving to quarantine or access blocking.
yes
yes
yes

Fileless Attacks Defense

Protects against attacks that attempt to write changes directly in memory.
yes
yes
yes

Network Attack Defense

Protects against attacks that attempt to write changes directly in memory.
yes
yes
yes

HyperDetect™ (Tunable Machine Learning)

Tunable machine learning layer, detects sophisticated threats. Blocks hacking tools, fileless attacks, zero-day malware and more.
yes
yes
Add-on

Sandbox Analyzer

Sends suspicious files for detonation, analyzes and provides a verdict in real time. Detects zero-day and targeted attacks; Real time attack prevention with auto-submit; Analyzes once enterprise-wide block.
yes
yes
Add-on
Detection and Response Modules

Process Inspector

Behavior-based real time detection; Monitors all processes running in the operating system and if the process is deemed malicious, will terminate it. Formerly known as Advanced Threat Control (ATC).
yes
yes
yes

Ransomware Mitigation

Creates a real-time backup of the files before being modified by the suspicious process to mitigate the risk of losing data during advanced ransomware attacks.
yes
yes
yes

Incident Visualization

Easy to understand visual guides highlight critical attack paths, easing burdens on IT staff.
yes
yes
Add-on

Root Cause Analysis

Highlights the attack vector, the attack entry point, and how the attack originated. Helps pinpoint the origin node of attack, highlighted in the Incident page. The confidence score provides context for security events.
yes
yes
Add-on

Anomaly Defense

Baselines system resources to spotlight unusual behavior based on MITRE threat techniques and Bitdefender’s own research.
yes
Add-on

MITRE Event Tagging

MITRE attack techniques and indicators of compromise provide up to the minute insight into named threats and other malware that may be involved.
yes
Add-on
Hardening and Risk Analytics Modules

Endpoint Risk Analytics

Assesses, prioritizes and hardens endpoint security misconfigurations and settings with an easy-to-understand prioritized list.
yes (Cloud Console Only)
yes (Cloud Console Only)
yes (Cloud Console Only)

Web Threat Protection

Scans incoming web traffic, including SSL, HTTP and HTTPSs traffic, to prevent the download of malware to the endpoint. Automatically blocks phishing and fraudulent web pages. Displays search ratings signaling trusted and untrusted pages.
yes
yes
yes

Device Control

Threats are often introduced into the company via removable devices. Choose which devices to allow to run and decide what will be blocked or scanned automatically.
yes
yes
yes

Application Control (Blacklisting)

Enables full visibility and control of running applications by blacklisting unwanted software. Helps limit the risk of malicious code running undetected.
yes
yes
yes

Application Control (Whitelisting)

Provides full visibility and control of applications installed or running on company endpoints, and prevents the execution of any application not allowed by policy.
yes (On-Premises Console Only)
yes (On-Premises Console Only)
yes (On-Premises Console Only)

Firewall

Fully-featured two-way firewall that controls applications’ access to the network and to the Internet. Furthermore, the firewall can protect the system against port scans, restrict ICS and warn when new nodes join a Wi-Fi connection
yes
yes
yes

Extend Security with Compatible Products

Available Add Ons

Security for Mobile

On-device mobile security solution for iOS, Android and ChromeOS devices
Available (Cloud Console Only)
Available (Cloud Console Only)

Security for Email

For all email clients, including Office 365
Available (Cloud Console Only)
Available (Cloud Console Only)

Patch Management

Keeps OSes and Applications up to date across the entire Windows install base
Available
Available
Available

Full Disk Encryption

Protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault).
Available
Available
Available

Endpoint Detection and Response module

Enables EDR features on the Enterprise a-la-carte licensing
Available

Endpoint Detection and Response Storage

Enables long term storage of EDR raw data (30, 90 and 180 days)
Available (Cloud Console Only)
Compatible Products

Security for Storage

Machine learning-driven antimalware scanning for ICAP-compatible network-attached storage (NAS) and file-sharing systems
Compatible
Compatible
Compatible

Advanced Threat Intelligence

Collects data from sensors across the globe - correlate hundreds of thousands of Indicators of Compromise and turn data into actionable, real-time insights.
Compatible
Compatible
Compatible
Available Services

Managed Detection and Response Service Pack

Staffed by our experienced security analysts and using an award-winning suite of technology, the MDR service monitors detailed telemetry to quickly and effectively respond to malicious activities, actively removing the threat to reduce dwell time and limit any damage.
Available (Cloud Console Only)
Available when EDR add-on is present

Professional Services

Empower your organization with optimal security configuration, protection and tailored services.
Available
Available
Available

Premium Support

Choose the Silver, Gold or Platinum Premium Enterprise Support packages, depending on the response times and the types of proactive services necessary for your organization.
Available
Available
Available
Details
Covers desktops, servers and Exchange mailboxes. No more than 35% of licenses can be used on servers.
Covers desktops, servers and Exchange mailboxes. No more than 35% of licenses can be used on servers.
A la carte licensing

Managed Service Providers Security Suite

Solutions designed for Cloud and Managed Service Providers to minimize security and operational overhead and maximize profits.

For all MSPs NextGen AV & Endpoint Security (Core Product)

Learn More

Recommended for MSPs seeking comprehensive coverage and compliance

Learn More

Recommended for MSPs looking for advanced unified security solutions

Learn More

FUNCTIONALITY

Risk Analytics

Assesses, prioritizes and hardens endpoint security misconfigurations and settings with an easy-to-understand prioritized list.
yes
yes
yes

Local and Cloud Machine Learning

Predictive detection of unknown malware; Dynamic file analysis trained on billions of samples; Local machine learning trained on 80,000 malware features.
yes
yes
yes

Cloud Threat Intelligence

Threat intelligence including information about malicious URLs, patterns, websites, etc collected and updated in 3 seconds using the Bitdefender Global Protective Network of over 500 Million endpoints
yes
yes
yes

Exploit Defense

Focuses on attack tools and techniques to detect both known and zero-day exploits that target popular software applications.
yes
yes
yes

Web Content Control

Restrict user access to potentially malicious websites or web categories such as gambling
yes
yes
yes

Network Attack Defense

Protect against threats that exploit network vulnerabilities such as Brute Force Attacks or Password Stealers
yes
yes
yes

Web Threat Protection

Scans incoming web traffic, including SSL, http and https traffic, to prevent the download of malware to the endpoint. Automatically blocks phishing and fraudulent web pages. Displays search ratings signaling trusted and untrusted pages.
yes
yes
yes

Firewall

Endpoints are protected with fully featured two-way firewall with Intrusion Detection, critical for protecting remote devices.
yes
yes
yes

Device Control

Threats are often introduced into the company via removable devices. Choose which devices to allow to run and decide what will be blocked or scanned automatically.
yes
yes
yes

Process Inspector (Automatic Detection)

Behavior-based real time detection; Monitors all processes running in the operating system and if the process is deemed malicious, will terminate it.Formerly known as Advanced Threat Control (ATC).
yes
yes
yes

Security for Mobile

On-device mobile security solution for iOS, Android and ChromeOS devices
yes Add-on
yes Add-on

Full Disk Encryption

Protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault).
yes Add-on
yes Add-on

Patch Management

Manual and automatic Patching of Windows and 3rd party applications that mitigates application vulnerablities and risks of exploit attacks
yes Add-on
yes Add-on

Cloud-hosted email security and antispam

Protect Office 365 or other cloud and on-prem. email systems, detect executive impersonation, stop spam, phishing, advanced attacks before they reach users.
yes Add-on
yes Add-on

Security for Virtualized Environments

Optimized protection for virtual desktops or servers that
yes Add-on
yes Add-on

Security for AWS

VM Protection that is integrated with Amazon Web Services and optimized for peak performce
yes Add-on
yes Add-on

Exchange on-prem antispam and security

Email Antispam and Antimalware protection for organizations hosting their Exchange server
yes Add-on
yes Add-on

HyperDetect (Tunable Machine Learning)

Tunable machine learning layer, detects sophisticated threats. Blocks hacking tools, fileless attacks, zero-day malware and more.
yes Add-on (Advanced Threat Security)

Fileless Attack Defense

Protects against script-based attacks that execute in memory using tools such as PowerShell or Command Prompt
yes Add-on (Advanced Threat Security)

Sandbox Analyzer

Automatically analyze suspicious files by detonating in a safe cloud environment delivering a verdict and full visibility and context into threat actions
yes Add-on (Advanced Threat Security)

Incident Visualization

Visual representation of each step in an attack that helps understand impact, identify potential protection gaps and support compliance
yes Available as Add-on and as Standalone product compatible with competitive AV/EPP (Endpoint Detection and Response)

Prioritized Alerts Investigation

See suspicious activity as alerts that leverage MITRE events and investigate potential breaches
yes Available as Add-on and as Standalone product compatible with competitive AV/EPP (Endpoint Detection and Response)

Incident response

Respond to incidents with options such as Endpoint Isolation which disconects a system from the network or Live Response which enables remote connection and log gathering from the impacted endpoint
yes Available as Add-on and as Standalone product compatible with competitive AV/EPP (Endpoint Detection and Response)

Anomaly Defense

Baselines system resources to spotlight unusual behavior based on MITRE threat techniques and Bitdefender’s own research.
yes Available as Add-on and as Standalone product compatible with competitive AV/EPP (Endpoint Detection and Response)

Extended Detection and Response

Out-of-the-box, fulfills the incident responders’ needs to integrate additional telemetry sources, deliver contextualized security incidents, and more comprehensive response capabilities.
yes Available as an add-on. Requires Advanced Threat Security and Endpoint Detection and Response add-ons