Bitdefender has launched GravityZone PHASR (Proactive Hardening and Attack Surface Reduction), a global-first endpoint security solution that dynamically adjusts security settings for each user. The product is now available worldwide as part of the company’s GravityZone platform.
The new system is designed to adapt in real-time to user behaviours and privileges, significantly reducing an organisation’s attack surface. According to Bitdefender, GravityZone PHASR is the first solution of its kind to enforce precise and automatic hardening based on how users interact with applications and systems.
“Legitimate tools and Living-Off-the-Land (LOTL) techniques are now involved in over 70% of major security incidents, according to our investigations,” said Dragos Gavrilut, vice president of threat research at Bitdefender. “GravityZone PHASR is the only purpose-built solution designed to combat this growing epidemic by precisely controlling access to tools like PowerShell and WMIC—effectively stopping LOTL-style attacks at their source.”
Tackling risk through behaviour-based automation
Rather than relying solely on detection, GravityZone PHASR continuously monitors how users behave—what applications they access, what privileges they use, and how they interact with systems. It then restricts access to tools and features that do not align with their regular activity. This user-specific hardening helps block potential misuse of administrative tools commonly exploited in attacks, including those involving LOTL tactics.
Gartner has predicted that intelligent automation will drive 60% of exposure management and remediation tasks by 2030, up from just 10% today. This supports a broader industry trend towards prevention-based security. The analyst firm defines attack surface reduction technologies as those that “reduce an organisation’s exposure to compromise” and apply “to all attacks, even the most evasive.”
Bitdefender’s approach aligns with this philosophy by removing unnecessary access and privileges before they can be abused, instead of waiting to respond after an intrusion is detected. This shift allows security teams to proactively lower the risk of data breaches, reduce false alerts, and improve compliance.
Built on AI, powered by GravityZone
GravityZone PHASR integrates directly with Bitdefender’s existing GravityZone platform, which brings together endpoint protection, extended detection and response (XDR), and risk analytics. It uses proprietary artificial intelligence to model typical user and group behaviour, establishing what normal looks like in terms of data access, application use, and system permissions.
By comparing these norms against actual behaviour, the system flags inconsistencies and applies restrictions where needed. According to Bitdefender, this adaptive security method ensures that each device and user is protected in a way that reflects their unique risk profile.
Andrei Florescu, president and general manager of Bitdefender Business Solutions Group, commented: “Innovation in cybersecurity must solve real problems—not add complexity. GravityZone PHASR is a true game changer that strengthens endpoint security by tackling today’s most pressing challenges—including stealthy LOTL attack techniques. By applying tailored security controls to each user based on behaviour, PHASR minimises unnecessary access, hardens environments, and helps organisations stay ahead as attack surfaces grow.”
With the rising number of attacks involving built-in system tools and legitimate processes, organisations are under growing pressure to manage risk without sacrificing productivity. GravityZone PHASR presents a potential solution, using automation and behavioural insights to strike that balance.
