Bitdefender launches MSP, end user internet visibility tool

Bitdefender’s GravityZone EASM is a new solution that gives businesses, MSPs and their customers comprehensive visibility into their internet-facing assets and associated vulnerabilities.

The Bitdefender GravityZone External Attack Surface Management (EASM) is a new solution that gives businesses, managed service providers (MSPs) and their customers comprehensive visibility into their internet-facing assets and associated vulnerabilities. With the capability to dramatically reduce threat exposure, the solution also strengthens security operations through centralized discovery, monitoring, and management of expanding attack surfaces.

As businesses continue to focus on reducing the attack service, having centralized oversight makes a big difference, especially when it comes to having visibility on unused domains, misconfigured cloud instances, and expired certificates. Not only does this leave organizations vulnerable to attacks, but cybercriminals are also constantly looking for potential entry points which have been exposed.

Bitdefender’s recently released 2025 Cybersecurity Assessment Report also revealed that 71% of professionals are emphasizing on the importance of reducing their cyberattack surface by disabling unnecessary tools or applications. This includes reducing the attack surface in which cloud infrastructure and services topped the list (21.4%) as surfaces most at risk, followed by network infrastructure (18.6%) and endpoints/user devices (16.8%).

Given that Bitdefender GravityZone EASM is agentless, it requires no endpoint deployment, and delivers a powerful, proactive approach to identifying and understanding external risks while reducing the attack surface. The solution continuously discovers, maps, and analyses internet-exposed assets from an attacker’s perspective, enabling organizations to quickly assess risk, identify vulnerabilities, and take action before they are exploited.

Available as an add-on to Bitdefender GravityZone, EASM woks by scanning a wide range of asset types, including IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. From these scans, it delivers comprehensive asset discovery by detecting publicly exposed IPs, expiring or expired certificates, vulnerable public services, open ports, and more – ensuring no asset is overlooked.

Highlights of the capabilities of the solution include fast internet tracing asset discovery as well as continuous vulnerability monitoring, alerting and polarization. As the solution can be seamlessly integrated with Bitdefender GravityZone, it supports both strategic and operational use cases, providing unified security, risk management and compliance.

According to Andrei Florescu, president and general manager at Bitdefender Business Solutions Group, security teams across businesses and MSPs face increasing pressure to keep pace with expanding attack surfaces, driven by digital transformation and complex third-party ecosystems.

“Effective defense-in-depth security starts by reducing the attack surface as much as possible before threats reach the detection and response layers. GravityZone EASM is a critical part of our vision for unified security, risk management, and compliance, enabling proactive discovery and control of internet-facing assets that could serve as potential entry points for attackers,” said Florescu.

The 2025 Cybersecurity Assessment Report

The annual report is based on an independent survey and analysis of over 1,200 IT and security professionals ranging from IT manager to chief information security officer (CISO) who work in companies with 500 or more employees in geographical regions across the world including France, Germany, Italy, Singapore, United Kingdom and the United States.

Apart from prioritizing reducing the attack surface, the survey also revealed that more than half (57.6%) of the IT/security professionals been told to keep a breach confidential, even when they believed it should be reported to authorities. Singapore had the highest rate at 75.7%, a concerning statistic, given the strict regulations on breaches in the country.

AI-generated threats are also seen as the biggest concern for businesses in the region. 51% of respondents view AI-enhanced social engineering as a fairly or extremely significant concern, and 63.3% believe their organization experienced an attack involving some element of AI within the past 12 months.

At the same time, 67% of overall respondents believe AI-driven attacks have increased, with 20.3% seeing AI-powered malware as an extremely significant risk, with concern climbing to 25% among senior management compared to just 15% of middle management. However, industry research (including Bitdefender investigations) continues to find little evidence of sophisticated malware entirely created by AI – rather, adversaries are using AI tools such as chatbots to refine or troubleshoot malicious code.

When it comes to managing cyber risks, 41% of C-level executives cite adopting AI tools as their top focus, while 35% of mid-level managers prioritize strengthening cloud security and identity management—spotlighting a growing divide between strategic vision and operational needs.

However, 31% of respondents cited tool complexity as their biggest challenge with their current security solutions. Extending protection across environments (29%) and internal skills shortages (28%) followed closely. One in four (25%) flagged compliance navigation as their biggest challenge with security solutions.

While AI in cybersecurity can help with monitoring and also fill up some of the void in cybersecurity skills, the gap and job burnout continues to worsen. 49% of respondents agree they experience burnout due to the constant need to monitor and respond to evolving cyberthreats – with 50% of professionals in the U.S. and Singapore planning to seek new jobs in the next year. Ironically, 95% of C-level and senior executives believe their organization is effectively managing risk – revealing further disconnect with frontline cybersecurity teams.

Florescu believes that bbusinesses will continue to face mounting challenges and pressures as the attack surface expands and becomes harder to defend—from hardening environments and optimizing security solutions to navigating regulatory compliance and retaining skilled professionals.

“The findings in this report make it clear that organizations must adopt modern security strategies that address a new reality where adversaries use AI to exploit vulnerabilities, sharpen social engineering, and accelerate the speed of attacks. Effective cybersecurity not only stops attacks but also continuously reduces risk and ensures ongoing compliance across the organization,” said Florescu.