Bitdefender EPP includes advanced antivirus and internet security software to protect users from a wide range of cyber threats.
Bitdefender products are available for various platforms, including Windows, macOS, Android, and iOS.
Some key features and offerings of Bitdefender’s security solutions include:
- Antivirus Protection: Antivirus engine to scan and detect viruses, malware, spyware, and other threats.
- Advanced Threat Defense: Behavioral analysis and machine learning to detect and block emerging and sophisticated threats.
- Ransomware Protection: Safeguard against ransomware attacks.
- Firewall: Monitors and controls incoming and outgoing network traffic to protect against unauthorized.
- Safe Online Banking and Shopping: Secure browsing and protection to ensure a safe online shopping and banking experience.
Ingesting Bitdefender Security Events (“gz-evpsc” connector)
Ingesting Bitdefender security events leverages the cagz-evpsc service. As part of this implementation, the service can forward the ingested CEF events to a remote syslog server.
The connector uses the POST method to receive authenticated and secured messages from the GravityZone Event Push Service. It parses the message and then forwards it to a local or a remote Syslog server.
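An added sketch of the receive path described above (not the connector's own code): it checks the Authorization header in constant time, parses the pushed message, and frames each CEF record for syslog with only a priority and tag. The `{"cef": ..., "events": [...]}` body shape, the header value, the syslog tag and target, and all function names are assumptions for illustration.

```python
import hmac
import json
import socket

EXPECTED_AUTH = "Basic CONSTRUCTED-PLACEHOLDER"  # assumed shared header value
SYSLOG_PRI = 134  # facility local0 (16) * 8 + severity info (6)


def is_authorized(header):
    """Compare the Authorization header in constant time."""
    if not header:
        return False
    return hmac.compare_digest(header.encode(), EXPECTED_AUTH.encode())


def extract_cef(body):
    """Return CEF strings from a push body; raise ValueError if malformed."""
    doc = json.loads(body)  # JSONDecodeError/UnicodeDecodeError are ValueErrors
    events = doc.get("events") if isinstance(doc, dict) else None
    if not isinstance(events, list):
        raise ValueError("missing 'events' array")
    # Keep only CEF records; drop CR/LF so one event cannot become two lines.
    return [e.replace("\r", " ").replace("\n", " ")
            for e in events if isinstance(e, str) and e.startswith("CEF:")]


def handle_post(auth_header, body):
    """Map one POST to (HTTP status, syslog lines to forward)."""
    if not is_authorized(auth_header):
        return 401, []
    try:
        events = extract_cef(body)
    except ValueError:
        return 400, []
    return 200, [f"<{SYSLOG_PRI}>gz-evpsc: {e}" for e in events]


def forward_udp(lines, target=("127.0.0.1", 514)):
    """Send each line as one UDP syslog datagram; target is an assumption."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for line in lines:
            sock.sendto(line.encode("utf-8"), target)


# Constructed sample push message, not captured from a real Control Center.
SAMPLE_BODY = json.dumps({"cef": "0", "events": [
    "CEF:0|Bitdefender|GravityZone|6.0|10|AntiMalware|9|dvchost=PC-01\nact=blocked",
    {"not": "a CEF string"},
]}).encode()
```

Rejecting unauthenticated or malformed posts before anything reaches syslog keeps forged or multi-line records out of the downstream SIEM.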
The configuration script is used to configure the config.json file. This file holds the
<LISTENINGPORT> <SYSLOGFORWARDPORT> <TRANSPORT> <TARGET> <AUTH> <CONFIG_FILENAME>
By default, the config script creates self-signed certificates for the HTTPS connector server. For better security, certificates obtained from a certificate authority can be used.
Once the HTTPS collector service is running and listening for messages, you can configure Control Center to send events to the above-defined URL:
All settings for the Event Push Service API are configured via the setPushEventSettings method. For detailed information about these settings, refer to the Bitdefender documentation.
Visualizations and Events Details
Bitdefender Events Table: