Bitdefender
Visualize Bitdefender accounts, users, policies, and endpoints, and monitor changes through queries and alerts.
- Installation guide
- Bitdefender data model
- Bitdefender types
Installation Guide
Requirements
To set up this integration, you must have a Bitdefender account with Administrator user access.
Authentication
This integration uses API Key Authentication for making API calls.
Generating an API Key in GravityZone Control Center
Follow these steps to generate an API key:
Log in to GravityZone Control Center.
Click your username in the upper-right corner of the console and select My Account:
Navigate to the API Keys section and select companies, accounts, policies, network and click the Add button:
Enter a description for the API key and select the necessary APIs from the list:
Click Generate to create the API key.
Click the Copy button to copy the key to your clipboard and store it securely.
Close the API Key window.
Make sure to keep your API key secure and use while configuring integration.
Configuration in JupiterOne
From the top navigation bar of the J1 Search homepage, go to Integrations.
Search for Bitdefender and select it.
Click the Add Instance button and configure the following settings:
- Bitdefender API Key: Paste the Bitdefender API Key generated in Authentication Section.
- Account Name: Provide a name to identify this Bitdefender instance in JupiterOne. When the Tag with Account Name option is checked, ingested entities will store this value in
tag.AccountName. - Description: Add a description to assist your team in identifying this integration instance.
- Polling Interval (optional): Select a polling interval that fits your monitoring needs. If unsure, leave this as
DISABLEDand manually execute the integration.
Click Create Configuration to save your settings.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Prerequisites
You must have a Bitdefender account with Administrator user access.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | bitdefender_account | Account |
| Endpoint | bitdefender_endpoint | Host |
| Policy | bitdefender_policy | Policy |
| User | bitdefender_user | User |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
bitdefender_account | HAS | bitdefender_endpoint |
bitdefender_account | HAS | bitdefender_user |
bitdefender_policy | ENFORCES | bitdefender_endpoint |
Bitdefender Account
bitdefender_account inherits from Account
| Property | Type | Description | Specifications |
|---|---|---|---|
accountType * | string | ||
canBeManagedByParentCompany * | boolean | ||
phone * | string | ||
country * | string | ||
state * | string | ||
address | string | ||
skip2FAPeriod | number | ||
industry | number | ||
contactPersonName | string | ||
contactPersonEmail | string | ||
contactPersonPhoneNumber | string | ||
contactPersonCompanyRole | string | ||
riskScoreValue | string | ||
riskScoreImpact | string | ||
riskScoreMisconfigurations | string | ||
riskScoreAppVulnerabilities | string | ||
riskScoreHumanRisk | string | ||
riskScoreIndustryModifier | string | ||
mdrContactPersonName | string | ||
mdrContactPersonEmail | string | ||
mdrContactPersonPhoneNumber | string |
Bitdefender User
bitdefender_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
accountLockdown * | boolean | ||
passwordLifetime | number | ||
accountID * | string | ||
timezone * | string | ||
role * | string | ||
permissions * | array of strings |
Bitdefender Policy
bitdefender_policy inherits from Policy
| Property | Type | Description | Specifications |
|---|---|---|---|
createdBy * | string | ||
lastSuccessfulScanName | string | ||
lastSuccessfulScanOn | number |
Bitdefender Endpoint
bitdefender_endpoint inherits from Host
| Property | Type | Description | Specifications |
|---|---|---|---|
isManaged | boolean | ||
machineType | string | ||
ssid | string | ||
managedWithBest | boolean | if BEST is installed on this endpoint | |
isContainerHost | boolean | ||
isManagedExchangeServer | boolean | ||
isManagedRelay | boolean | if this endpoint has Relay role | |
isSecurityServer | boolean | ||
isProductOutdated | boolean | if the endpoint is missing one ore more agent updates. | |
lastSuccessfulScanName | string | ||
lastSuccessfulScanOn | number | ||
movingState | string | Indicates the transfer status of the endpoint between two companies. | |
movingDestinationCompanyName | string |