Bitdefender’s GravityZone PHASR to redefine endpoint security

The industry’s first endpoint security solution sets a new standard for attack surface reduction and endpoint security through dynamic, user-tailored protection.

Bitdefender has announced the worldwide availability of Bitdefender GravityZone Proactive Hardening and Attack Surface Reduction (PHASR). The industry’s first endpoint security solution sets a new standard for attack surface reduction and endpoint security through dynamic, user-tailored protection.

Specifically, PHASR ensures security configurations align precisely with user-intended privileges and behaviors and continuously adapts to shrink attack surfaces. This is key for organizations today, especially with increasing threats that are targeting user identities to launch more sophisticated attacks.

Not only does GravityZone PHASR reduce attack surfaces and mitigates unnecessary risk, but it also enforces compliance by analyzing individual user behaviors such as application usage and access to resources—and dynamically restricting tools or privileges that fall outside established norms.

CRN Asia caught up with Niko Akatyev, Bitdefender’s principal cybersecurity architect prior to the release of PHASR, to understand more about Bitdefender’s capabilities in securing organizations today.

According to Akatyev, attackers are now more focusing on exploiting vulnerabilities instead of targeting specific companies or industries. From Bitdefender’s observation, attackers are exploiting new POCs by scanning it within 24 hours.

“There are two approaches to this. First you need to patch vulnerabilities fast. This means you need to have a very good patch management and vulnerability management program. Otherwise, you need to reduce this attack surface,” said Akatyev.

Interestingly, Akatyev also mentioned that a lot of companies are now starting to be more aware of such incidents and moving towards a more preparedness stage.

“We see a lot of tabletop exercises and activities conducted by organizations to train, to understand what may go wrong during an incident and how to improve to prepare for these incidents. It's basically a more proactive approach than reactive and I am happy to see that several organizations have been doing it proactively,” added Akatyev.

Akatyev also pointed out that even tech companies and startups are now being more aware about threats and are taking all the necessary steps before releasing any new products or updates.

“They know that as soon as they go public with a product and it gets attacked, they lose reputation, which will have a bad impact on the business. So, we are definitely seeing small companies and even tech companies start addressing security even before launching products,” explained Akatyev.

At the same time, he highlighted that customers who have been reactive in the past are now coming to Bitdefender in the wake of a ransomware incident. These customers normally have solutions deployed that weren’t good enough.

“Whether it's the EDR they're using, the antivirus, etc, they realize they need something. It could be because they're in the wake of fines or getting cyber insurance. They need these to be able to continue to operate. So, we have more customers because the market's mature enough that they've experienced it already,” said Akatyev.

Redefining endpoint security

When it comes to endpoint security, Akatyev mentioned that Gravity Zone has a cloud security posture management and XDR sensors. The XDR sensors cover business applications, cloud security and network security.

“Moving on a step further is moving towards the prevention stage. There is a risk management and compliance module. And with PHASR coming to the market, its proactive hardening and attack surface management. So basically, we can understand the profiles of each user individually, like understanding their behavior and disable tools which they don’t normally use. This way, we reduce opportunities for attackers to attack. And when we do detection, we have less alerts. Put simply, it's proactive hardening of technologies based on the idea of proactively preventing the need and rebutting the need for attack surface,” explained Akatyev.

PHASR is built on years of advanced machine learning (ML) applied to users, groups, applications, and endpoints within GravityZone Extended Detection and Response (XDR). It leverages proprietary AI to create profiles of behavioral norms across individuals and groups, focusing on key areas such as data access, application usage, and security permissions. This enables a comprehensive assessment of vulnerabilities and potential attack vectors impacting the business.

To summarize GravityZone PHASR is capable of:

• Drastically reduces attack surfaces – GravityZone PHASR correlates user behaviors with active threat vectors and attacks. This determines the optimal attack surface configuration, unique to each user, enabling organizations to minimize the attack surface without compromising operational efficiency.
• Proactively stops LOTL attack techniques – GravityZone PHASR restricts access to Living-Off-the Land-Binaries (LOLBins) before exploitation, reducing data breach risks, alert fatigue and security costs. It delivers targeted hardening that minimizes access to tools and resources for users who don’t require them for their daily tasks.
• Defeats repeatable attack patterns – GravityZone PHASR tailors defenses to each system, making it harder for attackers to reuse the same techniques across environments. Threat actors often replicate successful methods once they bypass a security tool—PHASR disrupts this by ensuring detections behave differently from system to system.

Working with partners

Just like every other cybersecurity vendor, partners are vital for Bitdefender in the region. Having completed the acquisition of BitShield to boost its distribution in the region, Bitdefender is also providing a variety of programs to educate their partners in the region, especially on the capabilities they offer when it comes to working with regulators.

“We do have different programs to enable partners. We have a learning portal, like a learning management system. We also continuously do different events, like partner assignments, trainings and such. Educated and enabled partners are also effectively educating and enabling our clients,” said Akatyev.

Apart from educating partners, Akatyev also highlighted the structured ecosystem Bitdefender has so that partners are able to not just convey the message to customers but get feedback as well. The acquisition of BitShield gives that ecosystem to deliver more products to customers in Southeast Asia, especially in Malaysia and Indonesia.

“We have partners out there that believe so much in the product and the partnership. And that's how we've managed to spread the message and it's really interesting to see those partners out there doing that work,” he added.

Given that PHASR will also be offered as an add-on to Bitdefender GravityZone, partners will be critical in ensuring customers get the best out of the flagship unified security and risk analytics platform.