GravityZone’s New Leap: Merging CSPM, CIEM, and Professional Security Consultation

Bitdefender Enterprise

August 16, 2023

GravityZone’s New Leap: Merging CSPM, CIEM, and Professional Security Consultation

Bitdefender has expanded its platform to include Cloud Security Posture Management (CSPM) and Cloud Entitlement Infrastructure Management (CIEM), along with security consulting services that augment Bitdefender MDR services. This is the result of completing the acquisition of Horangi Cyber Security, which is now a Bitdefender company.

Holistic Security Unleashed

Both CSPM and CIEM complement existing Bitdefender Cloud Workload Protection Platform (CWPP) capabilities delivered by GravityZone. The acquisition of Horangi paves the way for a complete Cloud Native Application Protection Platform (CNAPP) - a comprehensive solution encompassing cloud workload protection, configuration management, and identity and access management, all in a unified console. This 360-degree approach ensures the security of applications at every stage, from inception to runtime, providing an all-encompassing shield against threats.

Decoding the Acronyms

First, CNAPP is used to provide end-to-end protection of applications running in the cloud. That protection includes CSPM, CIEM, and CWPP. Let’s look at what each one does, and why.

Cloud Native Application Protection Platform (CNAPP): The last letter in this acronym is a give-away. CNAPP is a conceptual platform used to unify cloud workload protection and configuration and identity and access management in a single solution. CNAPP protects an application throughout its deployment lifecycle. This includes securing the application both before, and during runtime. These cloud-centric approaches form Cloud Workload Protection. Must-haves include endpoint protection, storage scanning, protection of workloads like VDI instances, and container security. CNAPP also ensures the security of the environment – the public cloud platform – on which an application is running.

Cloud Security Posture Management (CSPM): In simple terms, public clouds have a lot of configuration settings. To make things more complicated, settings are not standardized across different public clouds. As organizations adopt multiple public clouds, it’s critical to ensure there are no misconfigurations that could leave an application vulnerable. There is no way to over-emphasize what all security and operations teams know: tracking configuration settings and applying best practices across environments isn’t just incredibly difficult, it’s practically impossible. CSPM solutions solve this challenge by automating configuration auditing and management, so administrators quickly focus on problematic settings. A direct response to the complexity of configuring diverse public cloud environments, CSPM automates configuration checks. This empowers administrators to swiftly detect and correct misconfigurations, bolstering overall security in multi-cloud setups.

Cloud Infrastructure Entitlement Management (CIEM): Just as public clouds have thousands of configurations that can increase risk if not correctly managed, such clouds also have myriad ways for identities and entitlements to increase risk if not properly administered. The burden of monitoring what permissions an entity like a server or container has, or a user may have, is overwhelming and prone to error if not automated. Administrators have already encountered this problem in traditional computing environments, which led to the rise of Identity and Access Management (IAM) solutions. Because of this, there is a good chance you have heard CIEM described as “IAM for cloud.” Simply put, CIEM automates the arduous task of monitoring and managing permissions and identities across cloud infrastructures, thereby lowering overall security risk while improving operational efficiency.

There are slightly different schools of thought, but the general idea is clear – protect applications directly with workload security, ensure the platform on which they are running is configured properly to ensure no entity or account has unnecessary permissions, and bring it together in a single platform.


The challenge at hand for any security team, regardless of size or skill level, is the need to address critical issues in cloud security, encompassing diminished visibility, complex configuration management, identity and access risks, evolving cyber threats, compliance burdens, manual security tasks, and operational inefficiencies. Overall, these challenges significantly burden the security team, hindering its ability to protect the organization, respond to threats effectively, and improve operational efficiency.

A Focus on Outcomes

The accelerated adoption and rapid innovation in and around public cloud can lead administrators – within both security and other groups – to have diminished insight into and control over these deployments. This is reflected in a recent independent global survey of 400 IT and cybersecurity professionals who reported that extending cybersecurity capabilities across environments (on-premises, cloud, hybrid) and the complexity of security solutions are their top challenges (both at 43%).

The reality is cybersecurity teams aim to enable businesses to focus on outcomes. The question should be “How can we best build, deliver, and manage our applications?” not “Can we adopt the cloud without increasing risk?” Cybersecurity teams should be able to focus on their projects, rather than being buried under burdensome tasks that advanced solutions can deal with using intelligent automation.

Another outcome that can be a challenge for organizations is achieving regulatory compliance, especially in the dynamic world of public cloud. Without automation to help achieve, demonstrate, and maintain compliance, organizations are overwhelmed by the effort involved. Fortunately, Horangi CSPM and CIEM can help organizations achieve positive compliance outcomes with a strong focus on mapping a variety of standards such as PCI DSS.

The essence of cybersecurity is to empower businesses to prioritize outcomes, prompting a shift from questioning cloud adoption risks to optimizing application development and management. Consequently, cybersecurity teams can focus on strategic projects instead of grappling with onerous tasks, further aided by a solution focused on delivering:

  • Risk Mitigation: By offering comprehensive security coverage, the potential attack surface is notably diminished, significantly reducing the chances of successful breaches or data leaks.
  • Assured Regulatory Compliance: Automated compliance features ensure consistent adherence to industry standards, enhancing organizational reputation and mitigating potential risk of penalties.
  • Effortless Administration: A consolidated dashboard enhances operational efficiency by presenting a unified overview of security protocols, streamlining both management and incident response procedures.
  • Continuous Business Operations: Robust protection of cloud-native applications ensures seamless service delivery, preserving business continuity even amidst emerging threats.

Driving Forward

The acquisition of Horangi provides Bitdefender with capabilities that are highly complementary to the cloud workload protection functionality already provided by the GravityZone unified risk and security analytics platform. It does this by expanding GravityZone's existing cloud security capabilities into a complete CNAPP story with the inclusion of CSPM and CIEM.

In addition to technology-driven advancements, Horangi also brings a comprehensive suite of consulting services. Certified analysts can perform, among other services, penetration testing, tabletop exercises, and red teaming. This well-rounded suite of offerings complements Bitdefender’s Managed Detection and Response (MDR) services.

With these expanded capabilities and resources, Bitdefender will further advance in cutting through the noise to provide organizations with highly advanced solutions that reduce, rather than add to, cybersecurity management burdens, so organizations can focus on outcomes.

CNAPPs have become a notable trend in the industry. Meanwhile, GravityZone has evolved to address diverse customer needs. Whether an organization prioritizes cloud-first, multi-cloud, hybrid-cloud strategies, or is transitioning from a traditional datacenter, GravityZone has been a solution to consider for security needs. The integration of CSPM and CIEM into GravityZone provides organizations with broader security capabilities and enhanced operational flexibility and efficiency.

To read more about what Horangi offers, visit the website.

Contact an expert




Bitdefender Enterprise

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world.

View all posts

You might also like