Bitdefender Software Development Kits (SDKs) for Endpoint Security Solutions

Award-Winning Antimalware Technology for Endpoint Security Solutions. Best Efficacy and Performance.

  • Consistent Top Rankings on AV-Test and AV Comparatives for five consecutive years, with the best efficacy and performance.
  • Easy and flexible integration capabilities.
  • 100% detection rate on AV-Comparatives’ first Business Security Test from 2019.
  • Layered architecture with advanced machine learning.
  • Excellent results on all operating systems with our technology also coming first in the Mac OSX test.
Endpoint security technology - award-winning protection

Award-winning Protection.

Bitdefender’s Endpoint technology is battlefield-tested, defeating advanced and sophisticated threats through an adaptive and layered next-gen approach. Our patented machine learning technologies, combined with the ability to monitor behavior and our attack detection techniques enable us to prevent, detect, and block threats that traditional endpoint and the so-called “next-gen AV” defenses miss.

  • 1st place at the AV-Comparatives 2019 Business Security Test, having a 100% detection rate in the real-world and 0 false positives.
  • Protects endpoints with award-winning Antimalware engine.
  • Detects zero day or even unknown threats with multi-layered antimalware security architecture.
  • Includes customizable pre, on, and post-execution technologies.
CISO handling multiple layers of security

Multiple Layers of Defense.
Minimal Chances of Breach.

Bitdefender offers one of the most comprehensive technology stacks at a global level. Our solutions are not limited to antimalware, but also comprise of a rich set of anti-spam, anti-ransomware, anti-exploit, and various other interceptors, as well as sandbox systems, mobile solutions, and even IoT. All these top performing features and modules can be easily integrated into endpoint protection solutions.

  • ATC or Advanced Threat Control proactively and dynamically monitors running processes for malicious behavior, constantly tagging suspicious activity.
  • Web Filtering blocks phishing, fraud, or malicious websites by scanning HTTP(S) traffic. In addition, it allows category-based URL blocking.
  • Bitdefender Firewall makes sure endpoints are protected with a fully featured two-way firewall.
  • Our anti-ransomware solution adds an extra layer of protection for your critical data.
Take advantage of our flexible business offer

Flexible Licensing Models

Bitdefender offers different business models and licensing options to adapt to your business needs. You can choose to integrate Bitdefender technology into your own product or service, to offer it as an optional add-on or to pack it as an upsell/cross-sell option to existing customers. You can even deploy it for internal use.

  • Bitdefender’s flexible business model will allow you to offer monthly, annual, multi-year, usage-based or any other type of subscription you need.
  • Our endpoint solutions are not just easy to implement, but also incredibly easy to manage from a centralized point.
  • Our cutting-edge architecture will reduce a lot of the IT tasks usually associated with such integrations.
Give your product the chance to offer the best security for mobiles

Advanced Mobility

Our mobile antimalware solution identifies malware applications before they can be fully installed onto a mobile phone or tablet. Integrating mobile antimalware products into your services gives your partners and clients a deeper sense of security and consolidates their confidence in your offer. Our partners are already using Bitdefender mobile solutions to:

  • Increase their revenue stream from security products.
  • Add value to their product or service by expanding their user base.
  • Improve their competitive advantage over other vendors.

Applicable SDKs

Antimalware SDK

Bitdefender’s Antimalware SDK offers a set of multi-layered, industry leading, protection technologies that can be integrated into your solution to provided added value and justify additional premium from existing customers that use legacy solutions. Our SDK can also be used to seize new opportunities, by leveraging market demand for protection suites.
Bitdefender’s Antimalware SDK can be easily implemented at the endpoint and it can also be complemented by a wide range of Bitdefender security technologies to harden security, protect against new threat vectors, and respond to additional market demand platforms.

Download Datasheet


  • Tailored for endpoint integration It comes with a full set of additional components required for an endpoint protection solution.
  • Cross-platform It supports multiple operating systems (Windows, Linux, MacOS) with the same API.
  • Detection Extensive array of protection layers, including heuristic analysis, signature-based detection, emulation, generic detection, and signatures-leveraging machine learning models.
  • Remediation It offers full remediation for prevalent threats.
  • Seamless integration with Bitdefender Global Protective Network.
  • Battlefield-tested extensively used by Bitdefender Technology Partners and incorporated into Bitdefender premium set of products.

Anti-Ransomware SDK

The anti-ransomware SDK offers an additional layer of protection against the ever-evolving threat landscape of ransomware, now one of the biggest threats to both personal and business data.


  • Protects mission-critical content from zero-day ransomware.
  • Controls the effect of an otherwise successful ransomware attack.

Online Threats SDK

The Online Threats SDK detects malicious, phishing, and fraudulent websites before they can expose users to scam attacks. It uses advanced local and cloud filters to analyze URLs and web page content and return a quick verdict (clean, phishing, fraud etc.).
The SDK combines superior detection powered by advanced heuristics with cloud-based updates provided by the Bitdefender security cloud (Global Protective Network / GPN), which processes billions of website transactions daily. Using the GPN cloud ensures instant detection and/or updating of URLs and websites, even regarding those that are live very briefly, as well as fast reaction to new attacks such as phishing outbreaks.

Download Datasheet


  • The Online Threats SDK offers real-time protection from online cyber threats such as phishing and fraud attacks.
  • The combination of cloud and local filters ensures high-speed scanning and accuracy, with a very small footprint.
  • Advanced heuristic techniques ensure enhanced detection of phishing attempts and outbreaks.
  • Malicious URLs are updated in real time using the Bitdefender cloud (Global Protective Network).
  • Offers a simplified, easy-to-use cross-platform API that ensures a quick and easy integration process.
  • Proven proprietary technologies, extensively used in the Bitdefender portfolio of products and SDKs.

Web Filtering SDK

Bitdefender’s Web Filtering SDK gives partners effective URL and web-page category-based filtering capabilities, allowing them to develop solutions that categorize URLs and websites in real time and further facilitates web access monitoring and control. This lets partners successfully address customers’ concerns about security, while increasing employee productivity and freeing up valuable IT resources and network bandwidth.

Download Datasheet


  • Broad coverage, including millions of relevant active URLs and websites, in multiple languages.
  • 50+ domain categories, including high-risk ones (drugs, gambling, hacking, hate, illegal, porn etc.).
  • High-accuracy detection ensured by heuristic filtering coupled with signatures and URL blacklisting.
  • The combination of fast cloud URL lookups with a local database cache prevents any latency.
  • Offers around-the-clock cloud-based updates of web categories; domains are added or updated instantly.
  • Offers an easy-to-use cross-platform API that keeps the integration time to a minimum and is fit for a variety of use cases.

URL Status Service

The Bitdefender URL Status service is a completely cloud-based solution that detects malicious, phishing, and fraudulent websites in the cloud and in real-time before they can expose a user to an attack or scam.
URL information is updated in real-time, with new malicious URLs, with domains identified and processed by Bitdefender technologies, and additional intelligence gained from multiple sources.

Download Datasheet


  • Broad coverage, including millions of relevant, active URLs and websites, in multiple languages.
  • 50+ domain categories, including high-risk ones (drugs, gambling, hacking, hate, illegal, porn etc.).
  • High-accuracy detection backed by a variety of technologies and data-sources.
  • Offers around-the-clock cloud-based updates; detection is updated instantly.

Traffic Interceptor SDK

The Bitdefender Traffic Interceptor Software Development Kit (the SDK) allows the interception and scanning of HTTP, HTTPS, SMTP and POP3 traffic, as well as that of custom protocols.


  • Real-time traffic inspection of HTTP protocol.
  • Real-time interception of emails delivered through SMTP and POP3 protocols with the ability to access and modify the email messages.
  • Support for intercepting raw data, so you can implement your own protocol decoders.
  • Provides optional integration with Bitdefender URL Reputation Service.

Endpoint Protection SDK

The Endpoint SDK addresses the needs of the most demanding enterprises by providing cross-platform security for physical and virtual endpoints, including multi-layer antimalware protection, behavioral scanning, firewall, web security, device control and disk encryption etc.
This is done simply by deploying a local agent that issues commands to the client security software and can be remotely controlled via JSON calls from the partner’s centralized management console.

Download Datasheet


  • File scanning On access and on demand, using Bitdefender’s award-winning antimalware engine.
  • Behavioral scanning Proactive malware detection technology based on continuous application lifecycle behavioral monitoring; it also includes the anti-exploit technology, which is a behavioral base technology specialized in detecting ROP type of exploits.
  • Email/web traffic security Anti-malware, anti-phishing, and anti-fraud scanning.
  • Stateful endpoint-level firewall.
  • Volume encryption Full disk encryption, preventing the loss of sensitive information
  • User control Web control, categories-based filtering, application blacklist, data protection.
  • Device control Prevents sensitive data leakage and malware infections via external devices.
  • Application Control/Application whitelisting.

Advanced Threat Control SDK

Bitdefender’s Advanced Threat Control (ATC) SDK employs a proactive and dynamic technology based on advanced heuristics methods to detect zero-day threats in real time. An on-execution protection layer, the SDK augments Bitdefender’s comprehensive pre-execution detection technologies, and enables organizations to add an extra layer of protection that drastically reduces the risk of new or evasive malware compromising a system.
Operating on a zero-trust assumption, the ATC SDK permanently monitors active applications and processes for any signs of malicious behavior. It relies on actual behavior characteristics instead of signatures or binary or code fingerprints, which lets the SDK consistently detect new ransomware variants, other zero-day threats and file-less attacks.

Download Datasheet


  • High efficacy against ransomware, zero-day exploits and advanced persistent threats (APTs).
  • Detects advanced attacks early and prevents breaches, reducing incident response costs and efforts.
  • Awarded technology – Bitdefender had an average detection rate of 99.9% in 2017 Real-World Protection tests run by AV-Comparatives; and won the “Product of the Year” award for scoring “Advanced+” in all 7 tests conducted in 2017.
  • Intelligent performance optimization for application and process monitoring ensures low system impact.
  • Designed to facilitate remediation / cleanup of detected malware.
  • Acts as an additional or last layer of defense against known and unknown threats, complementing Bitdefender’s antimalware scanning technologies and heuristics.

Antimalware SDK for Android

Bitdefender provides advanced technologies for protecting Android devices against known and emerging threats. The Antimalware SDK identifies and blocks malware applications before they can be fully installed on mobile phones or tablets, enabling partners to protect users against malware, Trojans, phishing or other threats.

Download Datasheet


  • Detect and block malicious content on mobile devices running the Android platform.
  • High speed with low footprint on resources.
  • Offers around-the-clock cloud-based updates by leveraging Bitdefender Global Protective Network.
  • Supports Android on ARM platforms.

Android Web Security SDK

The Bitdefender Web Security SDK provides real-time detection of malicious or fraudulent web content and URLs. It scans URLs via the Bitdefender cloud and returns their status (clean, fraudulent, phishing etc.); offers the ability to filter content based on over 50+ web categories (search engine, social networks, gambling, pornography, drugs etc.).

Download Datasheet


  • Detects and blocks web-based threats on Android devices.
  • Java-compatible interface: no compatibility or portability issues.
  • Supports Android on ARM platforms.
  • Compatible with Android default browser and other popular browsers.

Sandbox Service

A powerful layer of protection against stealthy attacks, the Sandbox service analyzes suspicious files in depth, detonates payloads in a contained virtual environment, analyzes their behavior, reports malicious intent and provides actionable insight.
The Sandbox service acts as a “real target environment” for potentially malicious files, where everything is carefully crafted so threats act as they would in the wild, making it a powerful tool against targeted malware attacks and malware infiltration.

Download Datasheet


  • Provides advanced threat protection and zero-day exploit detection.
  • Utilizes Bitdefender Global Protective Network intelligence to detect malware.
  • Leverages purpose-built, advanced machine learning algorithms, aggressive behavior analysis, anti-evasion techniques, and memory snapshot comparison to detect threats.
  • Analyzes a broad range of targets (emails, documents, application files...).
  • Delivers in-depth reporting on malware behavior and enables early visibility into valuable indicators of compromise (IOC).
  • Helps uncover malicious files including polymorphic and other threats designed for undetectable targeted attacks.
  • s extremely easy to integrate; no effort needed to install and set-up locally, as it is a web service.

Sandbox Analyzer on Premise

Deployable as a virtual appliance and managed via a rich UI, the On-Premise packaging of the Sandbox Analyzer environment provides an additional layer of security, focused mainly on threat hunting and forensics. Unlike a cloud service, the On-Premise deployment allows for total control of the detonation environment used for malware analysis, enabling OEM partners to determine the specifics of the overall environment and corresponding software used to analyze files and apps. Currently supported on the VMWare ESXi environment, deploying the solution via a virtual appliance allows unlimited scalability given the limits of physical underlying hardware.

Download Datasheet


  • Deployed as single management VM on dedicated physical host.
  • Uses VMFS version 5, tested on ESXi 6.5, 6.7.
  • Orchestration and high-level management via on-premise instance of Gravity Zone Control Center.
  • Requires the underlying physical host to offer at least 12cores/24 threads and 64GBs of RAM plus 1TB of usable SSD storage for minimal deployment (sandbox manager + 2 detonation slots).
  • Supports Windows 7 & Windows 10 as base for golden imaging and detonation VMs (64 bit only).

If you want to enjoy Endpoint Security Technology, take a quick start here:

Contact us