Computer Emergency Response Team

Report an incident

What is CERT-GIB

Back in 2011, we created certified emergency response service, united by a mission: to immediately contain cyber threats, regardless of when and where they take place and who is involved.

55+high-skilled analysts
70,000+hours of incident response

How it works

Alert on the incident

  • 24/7 monitoring
  • Call us on +65 3159-4398
  • Email us at response@cert-gib.com
  • Fill out our incident response form

Analysis and classification

  • Establishing the source of the threat
  • Assessing the intensity of the attack
  • Obtaining context from Threat Intelligence & Attribution

First aid incident response

  • Clear instructions on how to contain the incident
  • Blocking of phishing attempts & dangerous websites
  • Proactive monitoring to prevent future threats

Incident response & investigation

  • Containment of serious attacks
  • Digital evidence collection
  • Threat actor identification and support with further investigation

Effective work thanks to Threat Hunting Framework

Threat Hunting Framework is a single system for managing detection infrastructure, automated analysis, event and alert storage, and retrospective incident analysis.

It helps CERT-GIB manage incidents effectively and efficiently, gives analysts access to an extensive database of events, and reduces the time spent on incident analysis thanks to automatic grouping and correlation.

  • Internal and external Threat Hunting
  • Module management
  • Graph analysis
  • Data storage
  • Single interface
  • Correlation & attribution
  • Event analysis

Benefits of CERT-GIB

Human proficiency
  • Strategic team with a global vision and able to adjust defense methods to different verticals
  • Close collaboration with Digital Forensics Laboratory, Threat Intelligence & Attribution, Audit, Investigation teams and other Group-IB departments
  • Use of world-class proprietary threat intelligence
  • Context analysis to foresee sophisticated cyber threats behind trivial events
  • Development of cutting-edge solutions to improve cybersecurity practices
In-depth expertise in APTs
  • In-depth insights into various types of attack and how they are spread
  • Identification of threats behind «legitimate» actions
  • Extensive knowledge of cybercriminals’ tools and techniques
International cooperation
  • Ability to block dangerous websites in the .RU and .РФ domain zones and more than 2,500 other domains
  • Partnership with CERTs in more than a hundred countries to block malicious websites worldwide

CERT-GIB’s additional capabilities

Analysis of anomalies and malware

We examine network anomalies and malicious objects that have widespread cybersecurity implications for infrastructures. Moreover, we develop advanced methods to counter large-scale, sophisticated cyberthreats.

By detecting anomalies and analyzing malware, our security analysts prevent severe data breaches and network infections and detect vulnerabilities within an organization’s perimeter.

You will receive:

  • A report including a basic analysis of any malware found, an assessment of the risks that the malware poses to your business, and a list of vulnerabilities detected
  • Step-by-step recommendations on how to prevent similar attacks in the future

Possible objects of analysis:

  • Suspicious process or file on an employee’s computer
  • Unusual email sent to executives
  • Hacking of a resource and its replacement with a phishing resource
  • Email with threats and demands for ransom
  • Fraudulent company website
  • Distribution of the company’s sensitive information online
  • Incoming text message to an employee with a link to download malware
  • External scanning of corporate nodes to find and exploit vulnerabilities
  • Files placed in quarantine by antivirus solutions
  • Network traffic capture (PCAP)

Partner SOC in Bahrain

With more and more cyberthreats emerging worldwide, Bahrain became confronted with a need for competency centers to ensure that cybersecurity incidents are detected and responded to promptly and effectively.

In response to the current cyberthreat landscape, Group-IB and NGN International (Bahrain-based systems integrator) created the first 24/7 Security Operations Center (SOC) in Bahrain.


Threat Hunting Framework integration in the partner’s data center


Recruitment and training of tier-1 specialists in the CERT-GIB program


Project launch within one month of preparations starting


Regular cybersecurity training courses based on NGN International’s Training Center and led by Group-IB’s leading specialists

CERT-GIB in the news

More news

CERT-GIB’s events

Interested in joining CERT-GIB?

Find a vacancy

Awards and recognition

Cybersecurity Team of the Year – CERT-GIB

Are you under attack?Report an incident

Please fill in the form below to get immediate assistance from CERT-GIB
You can also call us at:
APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.

Get new report
Ransomware Uncovered 2021/2022

The well-known complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

Get new report Ransomware Uncovered 2021/2022