Project Description

Group-IB is a partner of Interpol and Europol and a cybersecurity solutions provider recommended by SWIFT and OSCE.


Group-IB is a global provider of solutions aimed at detecting and preventing cyber attacks, tackling online fraud, protecting IPs, and investigating high-tech crimes. The company’s technological leadership and R&D capabilities are built on its 16 years of hands-on experience in cyber crime investigations, over 1,000 successful investigations, and more than 60,000 hours of incident response.


Group-IB’s mission is simple: to protect clients in cyberspace.


They achieve this through their unique ecosystem of products and services that combine the technological and human elements to produce the most effective threat detection and hunting. Their Threat Intelligence (TI) system has already been named one of the best in class by Gartner, Forrester, and IDC.


Group-IB’s flagship Threat Detection System (TDS) equips you with all the necessary instruments to detect and respond to advanced threats that go unnoticed by standard security tools. It is a comprehensive solution for hunting threats both within and beyond the protected perimeter.

Its modular architecture consists of four parts:

  • TDS Sensor: in-depth network scanner
  • TDS Polygon: unique malware detonation and dynamic analysis system
  • TDS Huntbox: unified system for managing the infrastructure, correlating events and hunting threats
  • TDS Huntpoint: separate lightweight endpoint agent

Traffic decryption and industrial network protection are also provided along with 24/7 support from CERT-GIB experts.

As mentioned earlier, Group-IB is ranked among the best Threat Intelligence providers in the world. Group-IB TI is actionable data that is based on unique and mostly closed sources: technological infrastructure, human intelligence, and data exchanged with CERTs and vendors worldwide. Among its many benefits, Group-IB TI detects threats, leaks, compromised data and hacker activity before they can harm a business; and attributes attacks and exposes adversaries’ infrastructure for proactive threat hunting.

For the protection of digital identity and prevention of online fraud across sessions, platforms, and devices in real time, Group-IB has Secure Bank/Secure Portal. Unlike traditional anti-fraud solutions that analyze transactions, Secure Bank/Secure Portal algorithms start working right from the sign-in stage to detect and prevent dangerous activities before the fraud is executed.

To speed up detection and enhance accuracy while giving context for response and investigation, Secure Bank/Secure Portal combines Behavioral Analytics, Advanced Device Fingerprinting, Clientless Malware Detection, Advanced Rule Engine, Group-IB TI, and Global User Profiling.


Group-IB also has extensive experience cooperating with law enforcement and attorneys in their investigations by preparing digital evidence according to necessary requirements and without compromising the integrity of the data.

Before Incident

Group-IB performs a variety of assessments, including Security and Compromise Assessments, Pen testing, Red Teaming, and Incident Response Readiness Assessments. Among other tasks, they prepare security teams to respond to any incident, minimize dwell time and downtime, and determine how strong the infrastructure is and how it can be improved.

During Incident

When it comes to incident response, CERT-GIB works 24/7/365 to quickly contain the threat and recover data. For clients who want faster mitigation and round-the-clock access to the incident response hotline, they offer an Incident Response Retainer (with flexible terms that fit individual needs). CERT-GIB is an accredited member of FIRST and Trusted Introducer and has been officially authorized by Carnegie Mellon University.

After Incident

During the investigation phase, Group-IB’s digital forensics specialists, whose combined experience has made them some of the best in the business, apply their intelligence-driven approach to perform malware analysis, study threat actors’ activities, and piece together a coherent attack kill chain to restore business continuity.

Group-IB’s investigations have led to the return of over $300 million to clients as well as the takedown of advanced persistent threat groups such as Silence, MoneyTaker, and Lazarus.

Their experts also conduct intensive training courses on incident response, digital forensics and other relevant cybersecurity topics. Each class is built on hands-on exercises based on real-life incidents rather than pure theory. This practical approach, coupled with Group-IB’s nearly two decades of experience in the field, makes their courses some of the most effective out there.