The platform allows businesses and service providers to manage internet-exposed assets without the need for agents, featuring rapid discovery, contextual alerts, and continuous monitoring.
Bitdefender, a global cybersecurity company, has launched GravityZone External Attack Surface Management (EASM), a new solution designed to help businesses and managed service providers (MSPs) identify, monitor, and mitigate risks associated with their internet-exposed assets. This tool, which does not require agent deployment, integrates with the unified GravityZone platform and enhances preventative protection capabilities against external threats.
Increasingly Broad and Difficult-to-Control Attack Surfaces
The growth of digital transformation, cloud adoption, remote work, and third-party infrastructure connections has led to a rapid expansion of attack surfaces in most organizations. This includes everything from unused domains and expired certificates to misconfigurations in cloud services. According to Gartner, more than 60% of security incidents by 2029 will be related to technical configuration errors.
GravityZone EASM addresses this challenge with a proactive approach: it continuously scans IPv4/IPv6 addresses, domains, subdomains, certificates, open ports, and third-party connections, even if these are forgotten resources or not directly managed by the IT team.
“Effective defense starts by minimizing the attack surface as much as possible before threats reach detection and response systems,” stated Andrei Florescu, President and CEO of Bitdefender Business Solutions Group.
Key Features of GravityZone EASM
- Rapid Discovery of Exposed Assets: Conducts a comprehensive mapping of devices, applications, domains, and internet-exposed connections in just 30 minutes, providing complete visibility, even over unmanaged or “shadow IT” assets.
- Continuous Vulnerability Monitoring: Detects vulnerabilities and misconfigurations in real-time, including expired certificates or insecure public services. Alerts are prioritized based on severity (e.g., using CVE scores) to facilitate agile responses.
- Unified Security and Compliance Management: By fully integrating with GravityZone, EASM enables security analysts to combine threat analysis, regulatory compliance, and policy control from a single platform.
Visibility from the Attacker’s Perspective
One of the key strengths of GravityZone EASM is its ability to evaluate assets from the perspective of a potential attacker, allowing for the identification of gaps that might be overlooked by traditional internal security tools. This external, agentless view promotes a more effective defense-in-depth strategy, reducing risk exposure even in complex and distributed environments.
The solution is also ideal for managing supply chain risks by monitoring the assets of customers, partners, or suppliers that could impact the overall security of the organization.
Availability
GravityZone EASM is already available as an add-on for selected licenses of Bitdefender GravityZone and MDR (Managed Detection and Response) services.
With this launch, Bitdefender enhances its value proposition in the area of proactive cyber risk management, anticipating threats before they impact internal systems and providing organizations with a scalable solution to manage ever-evolving attack surfaces.
Source: bitdefender