Group-IB is present in 9 markets with 10 products. Group-IB has 133 reviews with an overall average rating of 4.7.
Digital Forensics and Incident Response Retainer Services
Digital forensics and incident response (DFIR) retainer services help organizations assess and manage the impact of a security incident. Digital forensics (DF) services assist with forensic response, aid in forensic information gathering and advise on proactive best practices for avoiding a breach. Incident response (IR) services assist with breach investigation, triage and impact classification. These capabilities are delivered as professional services, supported by technology services from the same provider.
Group-IB has 1 product in Digital Forensics and Incident Response Retainer Services market
Email Security
Gartner defines an email security solution as a product that secures email infrastructure. Its primary purpose is to protect against malicious messages (phishing, social engineering, malware) or unsolicited messages (spam, marketing). Other functions include email data protection; domain-based message authentication, reporting and conformance (DMARC); investigation; and remediation through a dedicated console. Email security solutions may also support nonemail collaboration tools, such as those for document management and instant messaging. Email security tools protect an organization’s email from spam, phishing, malware attacks, account takeover and data loss. They may provide capabilities for data loss prevention, encryption, domain authentication and security education, as well as advanced protections against business email compromise. Email security platforms give cybersecurity teams visibility into email-related security incidents, support investigation and automated remediation, and enable management of both inbound and outbound email delivery. Email security solutions often integrate with other network, identity and endpoint security controls, and may also support collaboration tools and email relay capabilities.
Group-IB has 1 product in Email Security market
Endpoint Protection Platforms
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
Group-IB has 1 product in Endpoint Protection Platforms market
External Attack Surface Management
External attack surface management (EASM) refers to the processes, technology and professional services deployed to discover internet-facing enterprise assets and systems and exposures that could be exploited by malicious threat actors. EASM is useful in identifying unknown assets and providing information about the organization’s systems, cloud services and applications that are available and visible in the public domain and therefore can be exploited by an attacker/adversary. This visibility can also be extended to the organization’s subsidiaries or third parties. EASM are most commonly cloud-based products and services but can also be delivered ‘as a service’. EASM appeals to security operations functions involved with penetration testing, vulnerability management and threat hunting who want better visibility of their internet-facing assets to complement their threat and exposure management program.
Group-IB has 1 product in External Attack Surface Management market
Network Detection and Response
Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyze raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south). NDR products include automated responses, such as host containment or traffic blocking, directly or through integration with other cybersecurity tools. NDR can be delivered as a combination of hardware and software appliances for sensors, some with IaaS support. Management and orchestration consoles can be software or SaaS.
Group-IB has 1 product in Network Detection and Response market
Network Sandboxing (Transitioning to Hybrid Mesh Firewalls & Security Service Edge)
Network-based sandboxing is a proven technique for detecting malware and targeted attacks. Network sandboxes monitor network traffic for suspicious objects and automatically submit them to the sandbox environment, where they are analyzed and assigned malware probability scores and severity ratings. Sandboxing technology has been used for years by malware researchers at security companies and even in some large enterprises that are highly security conscious. Traditionally, using a sandbox has been an intensive effort requiring advanced skills. The malware researcher manually submits a suspicious object into the sandbox and analyzes it before flagging it as malware or not. By adding automated features to sandboxing technology (automatically submitting suspicious objects and automatically generating alerts).
Group-IB has 1 product in Network Sandboxing (Transitioning to Hybrid Mesh Firewalls & Security Service Edge) market
Online Fraud Detection
Gartner defines the OFD market as the market for solutions that detect and prevent fraudulent actions within digital channels (browsers and mobile apps). OFD solutions provide a spectrum of capabilities within digital channels to prevent direct and indirect financial losses and to mitigate risks. Their core capabilities: Mitigate the activity of malicious automated bots; Detect account takeover (ATO) attacks and trigger remedial actions; Detect fraudulent activity in high-risk events along the digital customer journey, such as when customers make payments, transfer funds, perform account management actions or access personally identifiable information (PII).
Group-IB has 1 product in Online Fraud Detection market
Security Consulting Services, Worldwide
Security consulting firms are advisory and consulting services (see 'Definition: Cybersecurity' ) related to information and IT security design, evaluation and recommendations. These services are procured by various stakeholders in an organization, including boards of directors, CEOs, chief risk officers (CROs), chief information security officers (CISOs), chief information officers (CIOs), and other business and IT leaders for the purpose of obtaining and ensuring acceptable risk levels for a specific client organization.
Group-IB has 1 product in Security Consulting Services, Worldwide market
Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies)
The security threat intelligence products and services market refers to the combination of products and services that deliver knowledge (context, mechanisms, indicators, implications and action-oriented advice), information and data about cybersecurity threats, threat actors and other cybersecurity-related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce the likelihood and impact of a potential compromise. Threat intelligence (TI) products and services support the different stages of a TI process life cycle. In particular, this involves defining the aims and objectives, collecting and processing intelligence originating from various sources, analyzing and disseminating it to different stakeholders within the organization, and regularly providing feedback on the entire process. These products and services support ongoing security investigations and assist in preventing future breaches by prioritizing infrastructure hardening. TI tools and services are most commonly cloud-based products and services, but can also be delivered “as a service.”
Group-IB has 2 products in Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies) market