Bitdefender Activity Log Claims vs. Reality: What Isn't Being Logged pt. 2
Bitdefender Security's Activity Log page claims:
"Activity Log records all essential security tasks since installation." I tested this claim over two weeks of controlled monitoring. The claim is false. Multiple protection modules silently fail to log their own toggle events.
What This Means
If you're relying on Bitdefender's Activity Log to verify that your security features are active and working, you can't. The log is incomplete by design or by defect. You won't know if Scam Protection is actually on. You won't know if App Anomaly Detection disabled itself. You only know what the app claims is happening in Central, not what actually happened.
The Tests (Tier A: Directly Documented)
I enabled, disabled, and re-enabled the following features while monitoring the Activity Log in real time.
Scam Protection toggle: OFF to ON, ON to OFF, ON again. Zero log entries. Three toggle events, zero records.
App Anomaly Detection: Same sequence. Zero log entries across all three state changes.
Web Protection: This one logs OFF events instantly. But ON events do not log. You can watch the toggle flip in the UI, wait thirty seconds, refresh the log, and the ON event will not appear. OFF events appear within seconds. ON events never appear.
All three findings verified with screenshots, timestamps, and repeated across multiple test sessions.
**This matters because there's a way to cross-check whether protection is actually working. My device has Samsung's Digital Wellbeing tool, which tracks screen time per app, including Brave, independent of Bitdefender. It does not count pages.
On the same device, same time period, Digital Wellbeing showed active Brave screen time while Scam Protection was claimed "active."
Bitdefender Central reported: 0 pages scanned by Web Protection. Activity Log reported: 0 entries for Web Protection activity.
Three surfaces, three different stories. Digital Wellbeing confirms Brave was actually in use. Bitdefender's own dashboard and log both show nothing happened.(Digital Wellbeing's data is the independent one. It's Samsung's system-level tracking, not Bitdefender's.
Bitdefender can't fake that. So Bitdefender knows about zero scanned pages, and the Activity Log knows the same. The UI is the only one claiming protection is working.)
The VPN Kill-Switch Addendum (Tier A)
Bitdefender released a patch. I downloaded and installed it on June 20 after it became available. Same day, I emailed support to confirm the patch addressed a real-IP exposure issue I'd observed during Double Hop server transitions.
Bitdefender's reply, same day:
"Actually, that issue didn't need patching in the first place. It was never a bug." But they released the patch anyway. No one knows this because patch notes don't circulate. So the gap existed, was patched, and then was retroactively declared non-existent. The patch is still live. The claim of non-existence is contradicted by the fact of the update.
Secure Pass Locked Added finding:
I can no longer access Bitdefender Secure Pass. The app offers no "forgot password" option. Password reset requires support. You cannot login unless from the web version of central which is also locked for being the parent app, how this happened God alone knows because Bitdefender don't keep logs, apparently.
Support response times are currently 48+ hours, if they respond. Bitdefender Central's web version does not fully replicate the mobile app's functionality, so I cannot manage passwords from there either. I am locked out of my password manager because I cannot verify my account. This remains unresolved.(as of 25 June 2026, no solution given)
Why This Matters
Activity Log is the affordance Bitdefender offers to verify that protection is active. If the log is silent, users assume the feature is working and protected. The company's own claims enabled that assumption. The log failing silently is a failure of that trust, not a feature.
What I'm Asking
Bitdefender: Please clarify why these events do not log. Are they silently disabled by design? Is the logging system incomplete? Is the UI claiming events that never occurred? Provide the reason, the scope (how many other events fail to log?), and when this will be fixed.
Users: Assume Bitdefender's Activity Log is incomplete. If you need to verify protection is active, use a cross-check (network monitor, third-party browser logging, device logs). Do not rely on silence to mean safety.
Methodology (Tier Structure) Tier A findings:
Directly replicated, documented with screenshots, repeatable. Scam Protection toggle logging, App Anomaly Detection toggle logging, Web Protection asymmetric logging, three-surface contradiction, locked Secure Pass.
Tier B findings:
Attributed to official Bitdefender communications. VPN patch retroactively claimed non-existent. Tier C findings:
None on this report. Everything here was tested directly or sourced from Bitdefender's own email.
Contact the Author: I am open to research work find me on the links below.
Link to X exposè. https://x.com/i/status/2069923476799119829
•Baximus855.github.io •@BaximusCyber85 on X •Onyxdigitalintelligence85@protonmail.com
"It is better to be a warrior in a garden, than a gardener in a war" - Unknown