Bitdefender launches Internal Attack Surface Assessment to map and reduce trusted-tool abuse risks in enterprise Windows environments
Summary
Hide ▲
Show ▼
Bitdefender publicly announces a 45-day Internal Attack Surface Assessment program designed to identify and reduce exposure from trusted utilities abused in attacks. The assessment targets Windows endpoints and maps living-off-the-land binaries (LOLBins), remote administration tools, tampering utilities, cryptominers, and piracy tools to specific users and devices with minimal operational impact. It leverages GravityZone PHASR—a Proactive Hardening and Attack Surface Reduction technology—to produce prioritized remediation roadmaps. Early adopters reported up to 70% attack surface reduction within 30 days without end-user disruption or malware investigation overhead.
Timeline
-
15.05.2026 14:00 1 articles · 2h ago
Bitdefender launches Internal Attack Surface Assessment program leveraging GravityZone PHASR for behavioral profiling and exposure mapping in Windows environments
Bitdefender introduces a complimentary 45-day Internal Attack Surface Assessment that uses GravityZone PHASR to profile every machine-user pair, generate exposure scores, and produce prioritized remediation roadmaps across five risk categories. The assessment targets trusted-tool abuse in Windows environments and enables either manual or automated control enforcement, reducing investigation overhead and attack surface without disrupting end users.
Show sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
Information Snippets
-
Bitdefender’s assessment program is available at no cost to organizations with 250 or more employees operating Windows-heavy environments.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
-
GravityZone PHASR conducts a 30-day behavioral learning phase to profile every machine-user pair before producing exposure scores and prioritized findings.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
-
Bitdefender telemetry indicates PowerShell is active on 73% of endpoints, often invoked silently by third-party applications, and a clean Windows 11 install contains 133 unique LOLBins across 987 instances.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
-
Findings are grouped into five categories: LOLBins, remote admin tools, tampering tools, cryptominers, and piracy tools, each mapped to affected users and devices.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
-
Early-access customers reduced their attack surface by 30% or more in the first 30 days, with one reporting near 70% reduction by locking down LOLBins and remote tools.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00
-
Gartner projects preemptive cybersecurity will account for 50% of IT security spending by 2030, up from less than 5% in 2024, and that 60% of large enterprises will adopt dynamic attack surface reduction (DASR) technologies by 2030, up from less than 10% in 2025.
First reported: 15.05.2026 14:001 source, 1 articleShow sources
- What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface — thehackernews.com — 15.05.2026 14:00