Must have cyber intelligence
service to mitigate cyber threats
Learn about threats, leaks, attacks, and hacking activity
before they can harm your business
Prompt attack and threat notifications for your company, clients and partners
Direct access to compromised data and TTPs of malicious activity
Detections, analysis and forecasts of hacking activity in the areas of your interest
Convenient web interface for data search and analysis – no installation required
STIX/TAXII ready, official OASIS Cyber Threat Intelligence (CTI) Technical Committee Member
24×7 Personal cyber intelligence analyst support: tailored reports, malware analysis and much more
Strategic planning with cyber intelligence
Keep up with the constantly changing threat landscape, learn about threats targeting your business area, evaluate and improve your IT security investment strategy
- Evaluate risks, analyze statistics and assess potential damages
- Prioritize threats based on expert forecasts
- Learn attack tactics and cybercrime strategy
- Know your enemy
- Analytics by country or economy sector
- Quarterly digests
- Profiles of criminal groups, hacktivists and cyberterrorists
- Updated statistics and forecasts of hacking activity
- Analysis of hacker campaigns and assessment of damages
- Key news of the cybercrime underworld
During 2016 Threat Intelligence detected and informed on
new threats and hacker groups
15 incidents of sales
of confidential information
Taking control on upcoming cyber threats
Prepare for cyber attacks with comprehensive information on malware threatening your company and clients, attack targets and methods, cyber espionage tools, news and notifications on potential threats from private hacker resources.
- Adapt your security tools and response plans
- Learn about data leaks and identify insiders
- Prevent confidential data from being sold to third parties
- Monitor hacking attacks and activity peaks correlating with your incidents
- Tactics, tools and indicators of targeted attacks, including email subjects and malicious application names
- Full description, C&C server addresses, copies of setting files and other information on malware targeting your company and clients
- Notifications on data leaks and corporate and personal data sales
- Messages on searching insiders in companies and signs of suspicious hacker activity related to your company (such as detected specific malware targeting your business)
- Lists of hacked and attacked websites, phishing or hacked legitimate resources spreading malware
- DDoS attack target lists
- Modifications in operating systems and system-wide abnormal behaviors
- Suspicious IP addresses, including lists of non-public socks proxy servers, public proxy servers, Tor exit nodes, etc.
Apply IoCs to you layered cyber security infrastructure
Minimize the time you spend on incident response with instant notifications to critical threats, direct access to compromised data and a variety of technical indicators used to bolster your security.
- Protect your clients, employees, and partners against fraud and personal data theft
- Receive attack confirmation, learn about the attack source and mechanisms used
- Prevent leakage and industrial espionage
- Effectively stop targeted attacks
- Prevent illegal use of your brand
- Compromised corporate identifiers: corporate email accounts, intranet resources login credentials, etc.
- Compromised logins, passwords, online banking keys, bank card numbers
- IMEI/IMSI of infected mobile devices and ICCID of compromised SIM cards
- Domains, web services and digital certificates misusing your brand name
- IP addresses of infected customers, contractors, or partners
- Information on “money mules” – accounts to which stolen money is initially transferred
During 2016 Threat Intelligence detected and identified
user and corporate accounts
infected mobile devices
active apt cyber gangs
Intelligence and data collection
Group-IB specialists daily analyze thousands of compromised credentials, bank card numbers, messages and postings of “black hats” on deep web hacking forums, information on hundreds of attacks. We analyze the most recent malware, attack mechanisms and participate in incident investigations collecting the most recent and detailed information about cybercriminals, their strategies and tools.
- Collecting and analyzing information in 11 languages, the largest monitoring capabilities in Emerging Markets
- Data processing and storage on secure servers in the US, Germany and Russia
- High confidentiality of all the stored data, regularly tested and assessed security
Group-IB leverages its 14 years of unique expertise in cybercrime investigations to discover hidden connections buried within disparate data. We closely cooperate with best experts in cyber security around the world, which helps us to solve the most complicated global cases. Information analysis enables us to understand motives of criminals and create hacker profiles to forecast their future activity.
- Deep knowledge of Russian-speaking and international cybercriminal markets
- Adjustable amount of hours of remote analysts
- Ability to request assistance from special team of Group-IB security experts responsible for handling high-profile investigations
- Classification by regions and business areas
- Establishing correlations and interconnections
- Data validation
- Additional data and context collection
- Intelligence data exchange
Threat Intelligence data delivers cyber threats information you really need based on subscription types.
Also available through your threat intelligence platform:
24×7 access to real-time threat intelligence. Fight cyber criminals proactively with regular and urgent threat reports, information on compromised accounts and mobile devices, suspicious IP address data feeds and ability to block phishing resources. 40 hours of analyst support per quarter included.
Use full capabilities of Enterprise pack enriched with financial-specific threat data. Gain additional benefits from comprehensive intelligence on compromised banking cards, targeted malware and money mules sections. 40 hours of analyst support per quarter are also included.
Don’t leave any chances to cyber criminals with hacktivism analysis and profiling and power of Group-IB Brand Protection service. Discover phishing sites, fraudulent SSL certificates, abusive mobile applications and online advertising in automatic mode. Let Group-IB take down phishing sites and stop entire phishing operations to keep your business and customers away from cyber threats of future. 80 hours of analyst support in quarter included into subscription.
- Convenient WEB interface and highly detailed reports on detected threats
- STIX/TAXII ready, API for enterprise security solutions
- 24/7 analyst support to help you solve the most urgent and challenging incidents
|Sberbank||British American Tobacco||Microsoft||Colgate-Palmolive||Raiffeisen Bank|