Bitdefender GravityZone CSPM+ automates the discovery of cloud misconfigurations

Bitdefender unveiled GravityZone CSPM+, a Cloud Security Posture Management (CSPM) solution for monitoring and managing configurations of cloud infrastructures including AWS, Google Cloud Platform, Microsoft Azure and others.

In addition, GravityZone CSPM+ incorporates threat detection and response along with Cloud Infrastructure Entitlement Management (CIEM) capabilities allowing businesses to apply Identity and Access Management (IAM) policies and configuration best practices, especially in pursuit of compliance, across multi-cloud environments.

Organizations are struggling to contend with growing complexities of managing public cloud environments leading to increased cybersecurity risk around misconfigurations and authorized access to resources.

Gartner stated in a report that, “By 2026, 60% of organizations will see preventing cloud misconfiguration as a cloud security priority, compared with 25% in 2021.”¹ In an independent global survey of 400 IT and cybersecurity professionals, more than two in five (43%) stated that extending cybersecurity capabilities across multiple environments (on premises, cloud, and hybrid) and complexity of security solutions are the greatest challenges they face.

Bitdefender GravityZone CSPM+ simplifies the assessment, monitoring, and management of cloud infrastructure configurations and ensures identities accessing resources are valid to enforce set policies, adhere to regulatory compliance and help minimize risk of cybercriminal exploitation or abuse.

GravityZone CSPM+ is powered by the GravityZone Platform, a unified security and risk analytics platform that provides advanced endpoint protection including endpoint detection and response (EDR), extended detection and response (XDR) and security across physical, virtual, and multi-cloud environments. The platform delivers deep security context to detections and offers a seamless path to Bitdefender Managed Detection and Response (MDR) services.

“Cybercriminals are targeting cloud environments capitalizing on misconfigurations, unpatched applications, and overprivileged users – any means to get a foot in the door,” said Andrei Florescu, president and GM at Bitdefender Business Solutions Group.

“GravityZone CSPM+ extends security, configuration management, and IAM capabilities across cloud infrastructures on a single platform – empowering businesses to proactively mitigate risks and strengthen overall security posture. As the attack surface continues to expand, managing cloud configurations while having visibility of privileges of identities with access to company resources is as vital in a defense-in-depth strategy as defending against malware and other conventional threats,” added Florescu.

GravityZone CSPM+ offers several benefits for businesses:

Powerful cloud native security – GravityZone CSPM+ delivers agentless asset discovery and configuration management along with CIEM for identity management over cloud instances, serverless computing, storage, and data across multiple and hybrid cloud environments. Additionally, GravityZone includes industry leading endpoint protection, container security with run-time support for containers and Linux kernel module independence, and security for servers, hypervisors, and virtualized environments – a true Cloud Native Security solution.

Automated detection of misconfigurations and entitlement violations – Identifying misconfigurations and user entitlement infractions in cloud environments has become far too complex for businesses to efficiently manage manually, resulting in increased cyber risk. GravityZone CSPM+ automates the discovery and alerting of cloud misconfigurations and identity access policy violations supporting the zero trust (least privilege) model by identifying overprivileged identities (users and machines) and anomalous access behaviors.

Automated out-of-the-box compliance audits – GravityZone CSPM+ reduces team hours required for regulatory and compliance reporting for NIST, PCI DSS, APRA, GDPR, ISO 27001, SOC 2, MAS-TRM and others by delivering out-of-the-box templates and plug-and-play mapping of technical controls across various cloud services including PaaS and IaaS.

Genetics testing company NalaGenetics stated, “Right from the start, Bitdefender CSPM+ helped bridge the gap in terms of cloud infrastructure and security expertise. Regular cloud configuration scans are now able to be done at the click of a button, easily saving us painful hours a day from manual checks.”

Bitdefender GravityZone CSPM+ is now available.