4.7
127 Reviews (All time)
Review weighting

Browse Group-IB Reviews

Group-IB is present in 9 markets with 10 products. Group-IB has 127 reviews with an overall average rating of 4.7.

Digital Forensics and Incident Response Retainer Services

Digital forensics and incident response (DFIR) retainer services help organizations assess and manage the impact of a security incident. Digital forensics (DF) services assist with forensic response, aid in forensic information gathering and advise on proactive best practices for avoiding a breach. Incident response (IR) services assist with breach investigation, triage and impact classification. These capabilities are delivered as professional services, supported by technology services from the same provider.

Group-IB has 1 product in Digital Forensics and Incident Response Retainer Services market

Email Security Platforms

Gartner defines an email security platform as a product that secures email infrastructure. Its primary purpose is the removal of malicious (phishing, social engineering, viruses) or unsolicited messages (spam, marketing). Other functions include email data protection, domain-based message authentication, reporting and conformance (DMARC), investigation, and remediation through a dedicated console. These solutions may integrate as a secure email gateway (SEG) for predelivery protection or as an integrated cloud email security (ICES) solution for postdelivery protection. Email security platforms protect an organization’s email infrastructure from social engineering, phishing, business email compromise, spam, malware attacks and data theft. These platforms are deployed independently but integrated with other network and endpoint security controls to improve the overall risk posture of the organization. They offer cybersecurity teams visibility into email-related security incidents for investigation and remediation.

Group-IB has 1 product in Email Security Platforms market

Endpoint Protection Platforms

Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.

Group-IB has 1 product in Endpoint Protection Platforms market

External Attack Surface Management

External attack surface management (EASM) refers to the processes, technology and professional services deployed to discover internet-facing enterprise assets and systems and exposures that could be exploited by malicious threat actors. EASM is useful in identifying unknown assets and providing information about the organization’s systems, cloud services and applications that are available and visible in the public domain and therefore can be exploited by an attacker/adversary. This visibility can also be extended to the organization’s subsidiaries or third parties. EASM are most commonly cloud-based products and services but can also be delivered ‘as a service’. EASM appeals to security operations functions involved with penetration testing, vulnerability management and threat hunting who want better visibility of their internet-facing assets to complement their threat and exposure management program.

Group-IB has 1 product in External Attack Surface Management market

Network Detection and Response

Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyze raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south). NDR products include automated responses, such as host containment or traffic blocking, directly or through integration with other cybersecurity tools. NDR can be delivered as a combination of hardware and software appliances for sensors, some with IaaS support. Management and orchestration consoles can be software or SaaS.

Group-IB has 1 product in Network Detection and Response market

Network Sandboxing (Transitioning to Hybrid Mesh Firewalls & Security Service Edge)

Network-based sandboxing is a proven technique for detecting malware and targeted attacks. Network sandboxes monitor network traffic for suspicious objects and automatically submit them to the sandbox environment, where they are analyzed and assigned malware probability scores and severity ratings. Sandboxing technology has been used for years by malware researchers at security companies and even in some large enterprises that are highly security conscious. Traditionally, using a sandbox has been an intensive effort requiring advanced skills. The malware researcher manually submits a suspicious object into the sandbox and analyzes it before flagging it as malware or not. By adding automated features to sandboxing technology (automatically submitting suspicious objects and automatically generating alerts).

Group-IB has 1 product in Network Sandboxing (Transitioning to Hybrid Mesh Firewalls & Security Service Edge) market

Online Fraud Detection

Gartner defines the OFD market as the market for solutions that detect and prevent fraudulent actions within digital channels (browsers and mobile apps). OFD solutions provide a spectrum of capabilities within digital channels to prevent direct and indirect financial losses and to mitigate risks. Their core capabilities: Mitigate the activity of malicious automated bots; Detect account takeover (ATO) attacks and trigger remedial actions; Detect fraudulent activity in high-risk events along the digital customer journey, such as when customers make payments, transfer funds, perform account management actions or access personally identifiable information (PII).

Group-IB has 1 product in Online Fraud Detection market

Security Consulting Services, Worldwide

Security consulting firms are advisory and consulting services (see 'Definition: Cybersecurity' ) related to information and IT security design, evaluation and recommendations. These services are procured by various stakeholders in an organization, including boards of directors, CEOs, chief risk officers (CROs), chief information security officers (CISOs), chief information officers (CIOs), and other business and IT leaders for the purpose of obtaining and ensuring acceptable risk levels for a specific client organization.

Group-IB has 1 product in Security Consulting Services, Worldwide market

Security Threat Intelligence Products and Services

The security threat intelligence products and services market refers to the combination of products and services that deliver knowledge (context, mechanisms, indicators, implications and action-oriented advice), information and data about cybersecurity threats, threat actors and other cybersecurity-related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce the likelihood and impact of a potential compromise. Threat intelligence (TI) products and services support the different stages of a TI process life cycle. In particular, this involves defining the aims and objectives, collecting and processing intelligence originating from various sources, analyzing and disseminating it to different stakeholders within the organization, and regularly providing feedback on the entire process. These products and services support ongoing security investigations and assist in preventing future breaches by prioritizing infrastructure hardening. TI tools and services are most commonly cloud-based products and services, but can also be delivered “as a service.”

Group-IB has 2 products in Security Threat Intelligence Products and Services market
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.