Gravityzone Security
For Endpoints

Stop Advanced Threats with Layered Endpoint Security

Best Performance And Protection


Bitdefender’s GravityZone Security for Endpoints defeats advanced and sophisticated threats by using an adaptive, layered next-gen approach.

Patented machine learning technologies combined with the ability to monitor behavior and detect attack techniques enable GravityZone to prevent, detect and block threats that both traditional endpoint and so-called “next-gen AV” defenses miss.

It then automatically takes actions to keep businesses running normally, including rolling back malicious changes.

Comprehensive Layered Next-Gen Security Approach

Identify and prevent never before seen threats with comprehensive set of technologies including Machine Learning, Anti-exploit, Application and Content Control, or Process Inspector.

Identify Threats Without Slowdowns

Using the largest global intelligence cloud and machine learning technologies perfected in more than 10 years, Bitdefender prevents and detects threats without causing slowdowns for the users.

Simplified Security Management

Delivered as a virtual appliance, the GravityZone Control Center is quick to set up and easily scales to protect any number of endpoints with redundancy and high availability built in.

Features and benefits

Machine Learning Predicts and Blocks Advanced Attacks

Bitdefender leverages machine learning across its entire portfolio. Scanning engine, HyperDetect, Sandbox Analyzer, Content Control, Global Protective Network are only a few examples of Bitdefender technology that makes use of machine learning.

HyperDetect™ Blocks Attacks at Pre-execution

Bitdefender HyperDetect contains machine learning models and stealth attack detection technology. It forms an additional layer of security, specifically designed to detect advanced attacks and suspicious activities in the pre-execution stage.

Sandbox Analyzer Enhances Targeted Attack Detection

Bitdefender Sandbox Analyzer provides pre-execution detection of advanced attacks by automatically sending files that require further analysis to cloud sandbox and taking remediation action based on the verdict.

Process Inspector Detects and Stops Fileless Attacks

Bitdefender Process Inspector is a behavior anomaly detection technology that provides protection against never-before-seen threats in the on-execution stage.

Endpoint Control and Hardening

Many features work together to reduce the attack surface: Patch Management, Full Disk Encryption, Web Threat Protection, Firewall, Application & Device Control.

Advanced Anti-exploit

The Bitdefender Memory Protection layer protects against known and unknown exploits targeting browser and application vulnerabilities in on-execution stage.


Detect and Prevent the Full Range of Sophisticated Threats and Unknown Malware

Elite defeats advanced threats and unknown malware that evade traditional endpoint protection solutions, including ransomware. Advanced attacks such as PowerShell, script-based, fileless attacks and sophisticated malware can be detected and blocked before execution.

Detect and Stop Fileless Malware

Fileless malware attacks execute malicious code directly in memory. Since no file is present on the disk, AV solutions designed for file analysis are blind to this type of attack. Bitdefender leverages Advanced Anti-Exploit, HyperDetect™ and Process Inspector to detect, block and interrupt fileless attacks.

Stop Macro and Script-Based Attacks

In this case, attackers are trusted MS Office Macros that use Windows administration tools like PowerShell to run scripts and download malicious code to execute attacks. Since these are “trusted” Windows tools, most endpoint security products, including the pure next-gen AV providers, don’t scrutinize scripts, like Powershell, WMI, Javascript interpretors etc. Bitdefender adds Command-Line Analyzer techniques to intercept and securitize scripts, alerting admins and blocking the script from running if it carries out malicious commands.

Automate threat remediation, containment and response

Once a threat is detected, Elite instantly neutralizes it through actions including process termination, quarantine, removal and roll-back of malicious changes. It shares threat information in real time with GPN, Bitdefender’s cloud-based threat intelligence service, preventing similar attacks worldwide. 


Improved Threat Context and Visibility

GravityZone’s Elite unique capability to identify and report suspicious activities gives admins early warning of malicious behavior such as dubious operating system requests, evasive actions and connections to command and control centers.


Boost operational efficiency

Bitdefender’s single, integrated endpoint security agent eliminates agent fatigue. The modular design offers maximum flexibility and lets administrators set security policies. GravityZone automatically customizes the installation package and minimizes the agent footprint. Architected from the ground up post-virtualization and post-cloud security architectures, GravityZone provides a unified security management platform to protect physical, virtualized and cloud environments.


HyperDetect™ Blocks Attacks at Pre‑execution

GravityZone Elite comes with HyperDetect, a next-gen layer in pre-execution, that uses specialized local machine models, behavior analysis techniques trained to spot hacking tools, exploits and malware obfuscation techniques. It effectively blocks attacks that both traditional endpoint and so-called “next-gen AV” defenses miss.


  • Exploits
  • Powershell and other script based attacks
  • Phishing
  • File-less attacks
  • Ransomware
  • Unknown malware

Bitdefender layered next generation endpoint protection platform

Uses adaptive-layered architecture that includes endpoint controls, prevention, detection, remediation and visibility.



Patch Management

Application Control

Full-Disk Encryption

Device Control

Web-Threat Protection




Signature & Cloud Lookup

Local & Cloud ML




Process Inspector



Access Blocking


Disinfection & Removal

Process Termination






SIEM Integration

API Support




GravityZone is built from the ground up for virtualization and cloud to deliver business securityservices to physical endpoints, mobile devices, virtual machines in private, public cloud and Exchange email servers.


Threat actors are shifting to fileless attacks. Experts would tell you that these attacks cannot be prevented by endpoint security solutions. At Bitdefender, we challenge ourselves to protect our customers against the full spectrum of threats – file-based and fileless malware.

“GravityZone just works by itself. So we’re free to divert our efforts to planning and helping the schools become more efficient.”

Rolland Kornblau, Director of IT, El Rancho Unified School District


Bitdefender Endpoint Security received the highest score in AV-TEST’s Best Protection category, due to its capability to prevent and block all types of malware, including those never-before-seen. With more than six patents pertaining to machine-learning algorithms for detecting malware and other online threats, deep learning and anomaly-based detection techniques play a vital role in proactively fighting new and unknown threats.

Additional Protection Layers and Services



Unpatched systems leave organizations susceptible to malware incidents, outbreaks, and data breaches. Keep your OS and Applications up to date across the entire Windows install base – workstations, physical servers and virtual servers with GravityZone Patch Management.

Download Datasheet  >



GravityZone FDE protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault). It takes advantage of the native device encryption to ensure full compatibility and maximized performance. GZ FDE is integrated into the GravityZone Console and Agent, with no additional agent to deploy or key management server to install. The use of existing endpoint security infrastructure to manage Full Disk Encryption enables fully centralized deployment with minimal administrative effort.



Our experts will help you install and configure your Bitdefender solution for the optimal protection and performance your business applications need. These services offer customers the benefit of expert guidance throughout the implementation process, ensuring a smooth and trouble-free start.
Skilled Bitdefender engineers will follow best practices and keep your business needs in mind while helping you install the security solution in your environment.

Specs & FAQ’s



Windows 10 November 2021 Update (21H2) Windows 10 May 2021 Update (21H1) Windows 10 October 2020 Update (20H2), Windows 10 May 2020 Update (20H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2019 Update (19H1), Windows 10 October 2018 Update (Redstone 5), Windows 10 April 2018 Update (Redstone 4), Windows 10 Fall Creators Update (Redstone 3), Windows 10 Creators Update (Redstone 2), Windows 10 Anniversary Update (Redstone 1), Windows 10 November Update (Threshold 2), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7

Windows 10 IoT Enterprise, Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7

macOS Monterey (12.x) macOS Big Sur (11.x), macOS Catalina (10.15), macOS Mojave (10.14), macOS High Sierra (10.13), macOS Sierra (10.12)


Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher

Windows Server 2022 Windows Server 2019 Core Windows Server 2019, Windows Server 2019 Core, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2


Minimum: 2.4 GHz single-core CPU Recommended: 1.86 GHz or faster Intel Xeon multi-core CPU
Memory: Minimum free RAM: 512 MB Recommended free RAM: 1 GB HDD space: 1.5 GB of free hard-disk space


Minimum: 2.4 GHz single-core CPU Recommended: 1.86 GHz or faster Intel Xeon multi-core CPU
Memory: Minimum free RAM: 512 MB Recommended free RAM: 1 GB HDD space: 1.5 GB of free hard-disk space


T CPU: 4 vCPU with 2 GHz each
Minimum RAM memory: 6 GB recommended
40 GB of free hard-disk space
Internet access for updates and communication with remote and mobile endpoints.
GravityZone Control Center is delivered as a virtual appliance and is available in the following formats:
– OVA (compatible with VMware vSphere, View)
– XVA (compatible with Citrix XenServer, XenDesktop, VDI-in-a-Box)
– VHD (compatible with Microsoft Hyper-V)
Support for other formats and virtualization platforms may be provided on request.



Bitdefender GravityZone is the new Bitdefender enterprise security solution for Medium-Sized to Very Large Organizations. It’s redesigned from the ground up with a fresh, but proven private cloud computing architecture that takes full advantage of virtualized infrastructures. GravityZone leverages Bitdefender’s acclaimed antimalware technologies and provides centralized security management platform for physical, virtualized and mobile endpoints. 

GravityZone is a business-agile solution that implements a holistic approach. Not just antivirus, but an enterprise-grade solution that helps organizations attain their virtualization projects objectives and secure data, while preserving the systems’ performance and users’ productivity. 

With built-in redundancy and a load-balancing mechanism, it can scale-out on demand to protect from hundreds to hundreds of thousands of endpoints, and provides administrators with a single pane of glass view into the organization’s security postures, global threats and dashboards for various roles within the organization.


From platform architecture to security services, GravityZone emerges as a reinvented next-gen enterprise security solution built for the new IT landscape. The solution combines highly optimized virtualization-aware security with leading detection technologies and a fresh, but proven, architecture.

Complex enterprise environments require tailored, integrated security solutions that support heterogeneous environments with a broad range of systems and usage scenarios. GravityZone has been designed to deliver optimized security for the new threats and risks of data exposures introduced by:

  • Exponential evolution of malware and professionalization, combined with;
  • Increased Internet penetration;
  • Exponential increase of data;
  • IT consumerization and convergence of devices and services;
  • Cloud computing and virtualization technologies.


All this has changed the IT landscape, the way information is delivered and consumed, and how applications and services are provisioned.

GravityZone itself is implemented as a private cloud solution that runs on virtualized layers and it’s packed to enable organizations to secure their IT assets, while helping to reduce administration burden, lower TCO and improve the return on investment. The solution removes the scalability limitation of legacy solutions based on client-server architecture and relational databases.

The improvement continues with security services, too. GravityZone extends and integrates security services to virtualized environments and mobile devices. So, as users expect a uniform experience when consuming information on a PC, laptop, tablet or smartphone, the information security will be preserved, too, whether it is accessed locally or remotely, from a workstation or a mobile device, or whether the company uses traditional or virtualized infrastructures.

GravityZone Enteprise Security comes with HyperDetect, a next-gen layer in pre-execution that uses specialized local machine models, behavior analysis techniques trained to spot hacking tools, exploits and malware obfuscation techniques.


GravityZone is unified by design and aims to cover all security requirements in a single solution. In the current stage, it unifies the main security services and provides a single point of management for security of physical, virtualized and mobile endpoints. Future development will integrate new security services into GravityZone, such as security for email and collaboration, and will add enhancements for services and support for other platforms.

Unlike other solutions that bolt modules on to an aging architecture, importing different third-party technologies and trying to put them together, Bitdefender GravityZone has been architected from the ground up as a unified security management platform across physical, virtualized and mobile environments. Its modular design allows flexible and tailored security services, and role-based administration. The solution is comprised of the following integrated components:

  • GravityZone Control Center – the management platform that provides the single point of security management across organization.
  • Security for Endpoints – protects Windows workstations and servers.
  • Security for Virtualized Environments – protects virtualized Windows and Linux guest systems, running on VMware, Citrix, Microsoft or any other virtualization platform
  • Security for Mobile Devices – enables secured BYOD adoption, with easy delivery and control of mobile device security for effective administration.

GravityZone is 100% modularized, meaning you can choose the services you want to license, with the needed number of units per each one.

Even if GravityZone is delivered as a virtual appliance, its deployment does not require activation of Security for Virtualized Environments (SVE). However, if you already run or plan to deploy virtualization projects, we do recommend you implement SVE.

With GravityZone you benefit from effective security and improved administration efficiency from two directions. On one side is the reduced administrative burden due to centralized management and architecture benefits with simple turn-key deployment of GravityZone virtual appliance, built-in redundancy and scalability mechanism, and on the other side is the optimized virtualization security services of SVE that will help you attain your business objectives concerning virtualization projects and realize the full potential of your investments.


For example, there is a need to provide security for VMs running on VMware ESXi and Microsoft Hyper-V at the same time.

Yes, with Security for Virtualized Environments service of GravityZone you can manage all types of virtualization scenarios from a single point of management. GravityZone Control Center is integrated with VMware vCenter and Citrix XenCenter, and also supports many other virtualization platforms, like Microsoft Hyper-V, KVM, RedHat Enterprise Virtualization, or Oracle Virtualization.

If you want to enjoy GravityZone Security for Endpoints, take a quick start here: