Antimalware – Based on signature scanning and heuristic analysis (B-HAVE , ATC).
Advanced Threat Control – This works as a malware/network attack defense.
Advanced Anti Exploit – Catches the latest exploits in real time and mitigates memory corruption vulnerabilities that can evade other security solutions.
Risk Management – Helps to identify and remediate a large number of network and operating system risks on the endpoint level.
Firewall – Helps to protect endpoints from inbound and outbound unauthorized connections attempts.
Network Protection (with Content Control and Network Attack Defense) – Focused on detecting network attacks designed to gain access to endpoints through specific attacks i..e brute force, network exploits etc.
Device Control – Helps by preventing sensitive data leakage and malware infections via external devices attached to endpoints such as USB flash drives, Bluetooth devices, CD/DVD etc.
Web Filtering – Helps to schedule web access while blocking or allowing certain web categories or URLs.
Ransomware Mitigation – Ability to restore files encrypted in a ransomware attack from tamper-proof copies. You can find the Ransomware Mitigation settings under the Antimalware > On-execute policy section.
Advanced Threat Security
Advanced Threat Security (HyperDetect and Sandbox Analyzer) includes tunable machine learning and cloud.
HyperDetect features local machine learning models and advanced heuristics trained to spot hacking tools, exploits, and malware obfuscation techniques to block sophisticated threats before execution. It also detects delivery techniques and sites that host exploit kits and blocks suspicious web traffic.
The Sandbox Analyser analyzes suspicious files in-depth, detonates payloads in a contained virtual environment hosted by Bitdefender, analyzes their behavior and reports malicious intent.
Endpoint Detection and Response (EDR)
Endpoint Detection and Response (EDR) looks for anomalies and offers early visibility into advanced attacks, indicators of compromise (IOCs), one-click threat investigation and incident response workflows.
Important Note: EDR requires HyperDetect and Sandbox Analyzer (Advanced Threat Security) so these services will be enabled as well.