Bitdefender EPS
Bitdefender Endpoint Security (EPS) is a comprehensive cybersecurity solution designed to protect business endpoints, including desktops, laptops, servers, and virtual machines, against cyber threats. It offers a range of features such as machine learning-driven threat protection, ransomware mitigation, and Endpoint Detection and Response (EDR) capabilities. It also provides a centralized management console for monitoring and remediation.
Architecture
An example of how the product components and patterns interact is shown in the following table.
Software pattern summary
The following table gives an overview of the pattern characteristics:
Product component | OS type | Versioning | Pattern depth |
---|---|---|---|
EPS | Windows | Package | Instance-based |
Platforms supported by the pattern
The pattern discovers EPS deployments on Windows systems.
Identification
To run a discovery of the product, the pattern must be triggered. This section describes conditions under which the pattern can be triggered.
Software instance triggers
The following table gives details about the pattern trigger:
Pattern | Trigger node | Attribute | Condition | Argument |
---|---|---|---|---|
EPS | DiscoveredProcess | cmd | matches | windows_cmd "bdredline" |
Simple identification mappings
The following components/processes are identified by using the simple identity mappings that map the product's known processes:
Name | Condition |
---|---|
Bitdefender RedLine | regex Bitdefender\\Endpoint\sSecurity.*\\bdredline\.exe |
Bitdefender Endpoint Security Console | regex Bitdefender\\Endpoint\sSecurity.*\\EpConsole\.exe |
Bitdefender Endpoint Security Console | regex Bitdefender\\Endpoint\sSecurity.*\\EPConsole\.exe |
Bitdefender Endpoint Integration Service | regex Bitdefender\\Endpoint\sSecurity.*\\EPIntegrationService\.exe |
Bitdefender Endpoint Security Service | regex Bitdefender\\Endpoint\sSecurity.*\\EPSecurityService\.exe |
Bitdefender Endpoint Update Service | regex Bitdefender\\Endpoint\sSecurity.*\\EPUpdateService\.exe |
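The following added example (not part of the original pattern or the product's own code) applies the identity mappings above to a list of process command lines, which is useful for checking an endpoint inventory against what the pattern would recognise. It assumes the expressions are applied as unanchored, case-sensitive searches; the function names and the sample command lines are constructed for illustration.

```python
import re

# Common prefix and executable names taken from the identity mappings table.
PREFIX = r"Bitdefender\\Endpoint\sSecurity.*\\"
MAPPINGS = [
    ("Bitdefender RedLine", "bdredline"),
    ("Bitdefender Endpoint Security Console", "EpConsole"),
    ("Bitdefender Endpoint Security Console", "EPConsole"),
    ("Bitdefender Endpoint Integration Service", "EPIntegrationService"),
    ("Bitdefender Endpoint Security Service", "EPSecurityService"),
    ("Bitdefender Endpoint Update Service", "EPUpdateService"),
]
# Assumption: unanchored, case-sensitive search (no flags), as the table
# lists EpConsole and EPConsole separately.
COMPILED = [(name, re.compile(PREFIX + exe + r"\.exe")) for name, exe in MAPPINGS]

def identify(cmd):
    """Return the component name for a process command line, or None."""
    for name, rx in COMPILED:
        if rx.search(cmd):
            return name
    return None

def inventory(cmds):
    """Group command lines by identified component; collect the rest."""
    found, unmatched = {}, []
    for cmd in cmds:
        name = identify(cmd)
        if name is None:
            unmatched.append(cmd)
        else:
            found.setdefault(name, []).append(cmd)
    return found, unmatched

# Constructed sample command lines (not captured from a real host).
SAMPLE_CMDS = [
    r"C:\Program Files\Bitdefender\Endpoint Security\bdredline.exe",
    r'"C:\Program Files\Bitdefender\Endpoint Security\EPSecurityService.exe"',
    r"C:\Program Files\Bitdefender\Endpoint Security\EpConsole.exe",
    # Lower-case file name: no match under the case-sensitive assumption.
    r"C:\Program Files\Bitdefender\Endpoint Security\epconsole.exe",
    # The expressions do not constrain the drive or parent directories.
    r"D:\Tools\Bitdefender\Endpoint Security\bin\EPUpdateService.exe",
    r"C:\Windows\System32\svchost.exe -k netsvcs",
]

if __name__ == "__main__":
    found, unmatched = inventory(SAMPLE_CMDS)
    for name, cmds in found.items():
        print(f"{name}: {len(cmds)} process(es)")
    print("unmatched:", unmatched)
```

Because a match depends only on the text of the path, an inventory built this way is best cross-checked against the package version data collected by the pattern.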
Versioning
Version information for the product is collected by using the package versioning method.
Package Versioning
The pattern attempts to extract the version from a package by matching the following regular expression:
Subject matter expertise
Inputs from subject matter experts are welcome on any other potential approaches not discussed in this topic.
Testing
The pattern has been tested against the available customer data.
Open issues
There are no known open issues with this pattern.