Bitdefender | |
Type: | Private |
Industry: | Computer software |
Products: | Cybersecurity software |
Services: | Computer security |
Founder: | Florin Talpeș |
Location: | Bucharest, Romania |
Area Served: | Worldwide |
Key People: | Florin Talpeș (CEO) |
Num Employees: | 1,600+ (2023) |
Bitdefender is a Romanian cybersecurity technology company headquartered in Bucharest, Romania, with offices in the United States, Europe, Australia and the Middle East.[1] [2]
The company was founded in 2001 by the current CEO and main shareholder, Florin Talpeș. Bitdefender develops and delivers cybersecurity products and services, including endpoint protection, cloud and managed security, antivirus software and IoT security. Bitdefender products are distributed through partners in over 150 countries and the US market is estimated to generate more than 40% of its revenues. As of 2020, the company employed more than 1,600 people worldwide.
Bitdefender has won a number of awards from AV-Comparatives, an anti-virus assessment firm.[3] [4]
Bitdefender software was originally developed by SOFTWIN, a company founded in 1990 in post-communist Romania. It was originally sold as AVX (Antivirus Expert) from 1996 until 2001, when the Bitdefender subsidiary was created, and AVX was rebranded under the Bitdefender name.[5]
From 2004 to 2015, the company expanded with offices in the United States, Germany, United Kingdom, Denmark, and the Middle East.[6]
The company joined the No More Ransom initiative in 2016, releasing free decryption tools for victims of ransom attacks to decrypt their devices without having to pay to do so.[7] [8]
In 2018, Bitdefender opened a new subsidiary in Australia, through acquisition of assets from SMS eTech.[9] That year, the company also acquired behavioral and network security analysis company RedSocks,[10] and joined the Cybersecurity Tech Accord.[11] [12]
Bitdefender opened its own Security Operations Center in San Antonio, Texas in 2019. Bitdefender signed a multi-year partnership deal with Scuderia Ferrari on September 28, 2022.[13] [14]
2007: Bitdefender becomes a separate business entity with external capital entry.
Axxess Capital Investment Fund becomes a key shareholder.
2011: Bitdefender launches enterprise range and virtualization security products.
2015: Bitdefender creates a new consumer product category with Bitdefender BOX and IoT security services.[15]
2017: Bitdefender makes its first major acquisition by acquiring French partner Profil Technology Source.[16]
British fund Vitruvian buys a 30% stake in the Bitdefender, valuing Bitdefender at more than $600 million.[17]
Bitdefender’s 2020 research into the Interplanetary Storm botnet proxy network was provided to law enforcement ahead of the FBI dismantling the network in November 2023.[18]
2021: Bitdefender unveils its extended detection and response (XDR) platform, offering business customers further visibility and incident context during investigations to accelerate threat validation, response actions and remediation.[19]
2024: In April, Bitdefender announced the launch of Bitdefender Voyager Ventures, a corporate venture capital unit.[20]
On March 20, 2010, computers running Bitdefender under 64-bit versions of Windows were affected by a malfunctioning update that classified every executable program as well as dll files as infected. These files were all marked as 'Trojan.FakeAlert.5' and were moved into quarantine. This action led to software and systems malfunctions that affected users around the world.[21] Bitdefender representatives announced the removal of the faulty update and a workaround for the users affected,[22] except for those using the 2008 version.[23]
In 2021, Bitdefender was accused of self-promotion when releasing and publicly announcing a decryptor to the detriment of victims of DarkSide, a hacking group. In 2020, DarkSide switched their main encryption ransomware product over to an "affiliate" model wherein other attackers could download and use their software in exchange for a portion of the profits. However, they introduced a bug in the process where affiliate hackers would all use the same private RSA key - meaning that a decryption package for a single target who paid the ransom would work on any target that had the ransomware installed. Security researchers noticed and were quietly already helping victims of the software, but with no public notice, making it so that the attackers would only see an inexplicable decrease in ransom payments that could be written off as chance. Months later, Bitdefender publicly released a decryptor of their own development and issued a blog post describing the flaw. This was criticized in an article in the MIT Technology Review. The article wrote that Bitdefender's program wasn't even safe - it was flawed and would "damage" files decrypted with it due to bugs within it, unlike the earlier decryptors that had been quietly used. Second, the blog post tipped off DarkSide as to the nature of the flaw; DarkSide promptly patched the bug and sarcastically thanked Bitdefender for pointing it out, then went on with their campaign of extortion. A notable incident that took place after Bitdefender's public disclosure was the Colonial Pipeline cyberattack in May 2021. While the security researchers who had been using the flaw before acknowledge that it's probable DarkSide would eventually have noticed and fixed the issue, they still criticized Bitdefender for using the bug merely for a brief burst of publicity, rather than in the way that would most help victims of the scheme.[24] Bitdefender has defended their actions on their blog, saying that they only wished to make as many organizations as possible aware of the existence of the bug in DarkSide's ransom attacks.[25] The article and blog post triggered a discussion among cybersecurity professionals about the pros and cons of publicly disclosing such vulnerabilities in malware.[26]