Bitdefender
By integrating Bitdefender GravityZone with ThreatDefence via Bitdefender’s APIs, you can ingest real-time threat alerts and security events into ThreatDefence, enabling centralized monitoring and faster incident response.
This integration allows ThreatDefence to query endpoint protection data, manage incidents, and initiate remediation actions such as isolating endpoints or triggering scans — enhancing endpoint visibility and threat mitigation across your environment.
Prerequisites
Before proceeding, ensure your Bitdefender GravityZone account is properly configured with API access and the necessary permissions.
For setup guidance, refer to the official documentation: ➡ Using the API (Bitdefender Docs)
Step 1. Enable Event Push API in GravityZone Control Center
Note: To interact with the Dashboard API, you must first obtain an API key.
Log in to the GravityZone Control Center.
Navigate to My Account.
In the API Keys section, click Add.
Select the checkbox for Event Push Service API.
Click Generate to create the key and save the settings.
Step 2. Obtain GravityZone API URL
Navigate to My Account → Control Center API.
Copy the Access URL.
Example:
https://cloudgz.gravityzone.bitdefender.com/api
Bitdefender Access URL
Important: Bitdefender only provides a Push API for events.
Events are pushed over HTTPS from Bitdefender to your forwarder VM.
You will need to create a firewall rule or port forward to expose your on-premise Syslog Forwarder to the Internet.
We recommend using a high TCP port above 60000 for this purpose.
Step 3. Configure ThreatDefence Integration
Provide the following information to your ThreatDefence representative at 📧 [email protected]:
API Key
Access URL
Last updated