b1naryn0mad · 2mo ago

Bitdefender GravityZone flags/blocks Huntress Plugin install

I just tried to push Huntress via Gorelo Plugin to a client with Bitdefender Cloud Security + ATS and received a Malware Outbreak notification for Heur.BZC.Boxter.151.F98A7BEB in powershell.exe. The alerts all correlated to the Huntress push attempts, and adding an exclusion for powershell.exe allowed a subsequent installation; however, that's not an exclusion I want in an anti-malware policy. Is there a better workaround for this Plugin deployment, and is this expected behaviour from Bitdefender?
10 Replies
Solution
Mikel · 2mo ago
Hi mate, this is a question for Bitdefender — can you please run this by them? Feel free to cc me in or similar: mikel@gorelo.io
lemachet · 2mo ago
While you're at it, ask Bitdefender if they are still storing all the passwords for the partner portal in clear text like they were doing when they got hacked back in 2017? You can then determine a decision as to if you really want to entrust your client's security to a company which doesn't even care enough about security to even hash passwords on a public-facing portal.
Salzzz · 2mo ago
Hmmm, interesting info about Bitdefender, thank you @lemachet. How did I not know about this? I have been a Bitdefender reseller for around 10 years and had not heard about it. Funnily enough, I had a support call with Bitdefender yesterday and they needed to access my partner portal. Also, in relation to the question from @b1naryn0mad, I have had a host of issues with Bitdefender blocking Gorelo processes and have had to report false positives to them to resolve the issues.
lemachet · 2mo ago
I used to be as well. And you know what, I never heard it from them. Never, ever, not once. I tried to log in one day and my password didn't work and I had to do a reset. That's all I ever actually heard from them.
dasaab · 2mo ago
I was on Bitdefender; I recently moved away to Huntress+Windows Defender. It works amazing!
Salzzz · 2mo ago
I have considered moving to Huntress; however, their product doesn't include Content Control, which I utilise a lot in Bitdefender. Also, I simply don't have the time ATM to make the switch from Bitdefender to Huntress. I would be interested to hear your thoughts though, @dasaab, as you have already made the move.
dasaab · 2mo ago
I completely understand. I made the move just recently and so far it's been very smooth: transition was great, support was amazing, UI is simple to use and understand. It picked up a few ScreenConnect clients over a new client we just got and deployed Defender on, and it isolated the host because it thought it was a critical issue, which it seemed to have been. So far I'd recommend it with Windows Defender.
karnophage · 2mo ago
This would be better done with DNS filtering, no?
Salzzz · 2mo ago
Yes, I am looking at this now.
dasaab · 2mo ago
Absolutely. DNS Filtering is the best solution for this.
