BumblebeeBumblebee
Integrations

Bitdefender

Overview

The Bitdefender GravityZone integration lets Bumblebee workflows interact with your GravityZone security platform. It is useful for monitoring endpoint security status, managing incidents, reviewing quarantine items, and pulling security reports into automated workflows.

Prerequisites & Setup

Before setting up the Bitdefender integration, you need:

  • A Bitdefender GravityZone account with administrator privileges
  • Access to the GravityZone Control Center
  • An API key with the required API permissions enabled

Create an API Key in GravityZone

  1. Log in to GravityZone Control Center at https://gravityzone.bitdefender.com
  2. Click the user icon in the upper-right corner and select My Account
  3. Scroll to the Control Center API section and note your Access URL
  4. Under API keys, click Add to create a new key
  5. Enter a description (e.g., "BumblebeeIntegration") and enable the required APIs
  6. Click Generate and copy the key immediately — it cannot be viewed again after closing the dialog

Configure in Bumblebee

  1. Go to the Integrations page in Bumblebee
  2. Select Bitdefender GravityZone
  3. Enter:
    • API Key — the key generated in GravityZone
    • Access URL — the URL from the Control Center API section (e.g., https://cloud.gravityzone.bitdefender.com/api)
  4. Click Test Connection
  5. Save the configuration

Available Tools

Account & General

  • get_account - Get the account (company) details for the authenticated Bitdefender GravityZone tenant.
  • get_api_key_details - Get details about the API key used for authentication.
  • update_company_details - Update company settings for the authenticated GravityZone tenant. Optional: name (str), address (str), phone (str), state (str)

Licensing

  • get_license_info - Get licensing information for the authenticated GravityZone tenant.
  • get_monthly_usage - Get monthly license usage counters for the current billing period.
  • get_monthly_usage_per_product_type - Get monthly license usage broken down by product type.

Network & Endpoints

  • list_network_inventory_items - List network inventory items (groups, endpoints, containers) under a parent. Required: parent_id (str). Optional: max_records (int)
  • list_endpoints - List endpoints in the GravityZone network inventory. Optional: parent_id (str), is_managed (bool), max_records (int)
  • get_managed_endpoint_details - Get full details for a specific managed endpoint. Required: endpoint_id (str).
  • set_endpoint_label - Set a custom label on an endpoint for identification and grouping. Required: endpoint_id (str), label (str).
  • get_custom_groups_list - List all custom endpoint groups in the GravityZone network tree.
  • create_scan_task - Create an on-demand scan task on one or more endpoints or groups. Required: target_ids (List[str]), scan_type (int). Optional: name (str)
  • get_scan_tasks_list - List scan tasks with optional filters. Optional: name (str), status (int), max_records (int)
  • get_task_status - Get the status of an asynchronous task (scan, reconfigure, etc.). Required: task_id (str).

Packages

  • list_packages - List installation packages for the authenticated GravityZone tenant. Optional: max_records (int)
  • get_package_details - Get detailed configuration for a specific installation package. Required: package_id (str).
  • update_package - Update module configuration for an installation package. Required: package_id (str), package_name (str), modules (Dict[str, int]).
  • get_installation_links - Get download URLs for installation packages. Optional: package_name (str)

Policies

  • list_policies - List all available security policies. Optional: max_records (int)
  • get_policy_details - Get the full configuration of a specific security policy. Required: policy_id (str).

Accounts

  • get_accounts_list - List user accounts in the GravityZone tenant. Optional: max_records (int)
  • get_notification_settings - Get notification settings for the GravityZone tenant.

Incidents & Blocklist

  • add_to_blocklist - Add file hashes to the blocklist to prevent execution. Required: hash_type (int), hash_list (List[str]), source_info (str).
  • get_blocklist_items - List all items in the blocklist. Optional: max_records (int)
  • remove_from_blocklist - Remove an item from the blocklist. Required: hash_item_id (str).
  • isolate_endpoint - Network-isolate a compromised endpoint. Required: endpoint_id (str).
  • restore_endpoint_from_isolation - Restore an isolated endpoint back to normal network connectivity. Required: endpoint_id (str).
  • get_custom_rules_list - List custom detection/exclusion rules configured in the GravityZone tenant. Optional: max_records (int)
  • get_response_action_status - Get the status of an incident response action. Required: action_id (str).

Quarantine

  • get_quarantine_items - List quarantined threat items across endpoints. Optional: endpoint_id (str), max_records (int)
  • restore_quarantine_item - Restore quarantined items back to their original location. Required: quarantine_items_ids (List[str]).
  • remove_quarantine_item - Permanently remove items from quarantine. Required: quarantine_items_ids (List[str]).

Patch Management

  • get_missing_patches - List missing (unapplied) patches for specified endpoints. Required: endpoints_ids (List[str]). Optional: page (int), per_page (int)
  • get_installed_patches - List installed patches for specified endpoints. Required: endpoints_ids (List[str]). Optional: page (int), per_page (int)

Maintenance Windows

  • get_maintenance_windows_list - List all maintenance windows configured in the GravityZone tenant. Optional: max_records (int)
  • get_maintenance_window_details - Get details of a specific maintenance window. Required: maintenance_window_id (str).
  • get_manually_approved_patches - List patches that have been manually approved for deployment.

Integrations

  • get_configured_integrations - List configured third-party integrations in the GravityZone tenant. Optional: max_records (int)

Reports

  • create_report - Create a security report. Required: name (str), report_type (int), target_ids (List[str]).
  • get_reports_list - List available reports with optional filters. Optional: name (str), report_type (int), max_records (int)
  • get_report_download_links - Get download links for a generated report. Required: report_id (str).

PHASR (Proactive Hardening and Attack Surface Reduction)

  • get_monitored_rules - List PHASR monitored behavioral rules. Optional: max_records (int)
  • get_monitored_rule_data - Get detailed data for a specific PHASR monitored rule. Required: rule_id (str).
  • get_phasr_recommendations - Get PHASR security hardening recommendations. Optional: max_records (int)
  • get_recommendation_profiles - Get behavioral profiles associated with a PHASR recommendation. Required: object_id (str).
  • get_all_company_identities - List all PHASR behavioral profile identities for the company. Optional: max_records (int)
  • get_all_company_resources - List all PHASR behavioral profile resources for the company. Optional: max_records (int)

Reference: Bitdefender GravityZone Public API

Axcient

Connect Bumblebee with Axcient x360Cloud and x360Recover to read SaaS backup status, restore points, vaults, devices, and jobs

CIPP

Connect Bumblebee with CIPP to manage Microsoft 365 tenants

On this page

OverviewPrerequisites & SetupCreate an API Key in GravityZoneConfigure in BumblebeeAvailable ToolsAccount & GeneralLicensingNetwork & EndpointsPackagesPoliciesAccountsIncidents & BlocklistQuarantinePatch ManagementMaintenance WindowsIntegrationsReportsPHASR (Proactive Hardening and Attack Surface Reduction)