Bitdefender GravityZone

The Bitdefender GravityZone connector allows you to retrieve security protection and data for endpoints managed by your GravityZone console directly into OverSOC.

Objective

The Bitdefender GravityZone connector retrieves the following information:

• Inventory of endpoints protected by Bitdefender
• Status of antivirus protection and security engines
• Security alerts and incidents detected

Prerequisites

• Administrator access to the Bitdefender GravityZone console
• Sufficient permissions to generate API keys
• Network connectivity to Bitdefender API servers

Information to Provide in OverSOC

Procedure

Generate an API Key in GravityZone

1. Sign in to the Bitdefender GravityZone console.
2. Click your username in the upper right corner.
3. Select My Account > API keys section.
4. Click Add to create a new API key.
5. Enter a descriptive description (e.g., "OverSOC Connector").
6. Select the required APIs for read access to endpoints and alerts.
7. Click Generate.
8. Copy the API key immediately (it will only be displayed once).
9. Note the rate limit: maximum 10 requests/second per API key.

Configure the Connector in OverSOC

1. In OverSOC, go to Data Sources Settings > Sources.
2. Select Bitdefender GravityZone and click Configure.
3. Fill in the two required fields:
   • API Key (from step 8 above)
   • Access URL: your organization's API URL (found in My Account > Control Center API)
4. Click Save Configuration.

For detailed API documentation, see Bitdefender Public API Documentation.

Required Permissions

The API key must have the following permissions:

• Read access to endpoint reporting
• Read access to security alerts and incidents
• Read access to protection statistics