Prevention
- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
Atmosphere
Block, detonate and hunt for the most advanced email threats with patented email security technology.
Start Free Trial
It’s 2021. Your email needs better protection than just an antivirus, anti-spam or a traditional sandbox.
Group-IB Atmosphere key features
Block attacks with intelligence-driven behavioural analysis
Atmosphere is an intel-driven malware detonation platform that understands how attackers circumvent traditional sandboxes. It analyzes texts, URLs, attachments and encrypted objects and surpasses most modern evasion methods.
Detonate payloads
and extract actionable knowledge about attacks
Atmosphere extracts context from attacks by executing payloads in an isolated environment, automatically attributing the attack to a threat actor or malware family and mapping the TTPs to the ATT&CK matrix.
Attribute blocked attacks
to understand what’s next
Atmosphere automatically matches detonation reports with our Gartner-recognized Threat Intelligence & Attribution data lake in order to perform attribution and answer key questions: who is behind the attack and what to expect next.
Adjust cloud VMs to mimic your real environment
Atmosphere makes it possible to configure virtual machine properties to make them look like your actual corporate environment. This helps surpass advanced detection evasion techniques involved in most modern attacks.
Perform automatic retrospective scanning
and threat hunting
Atmosphere performs constant retrospective analysis. It re-downloads suspicious URLs and re-analyzes objects that can change their state over time. As such, it automatically discovers hidden threats.
Set up in minutes using the configuration wizard
Your Atmosphere tenant is provisioned automatically after your trial request is approved. Integration involves simple and standard configuration steps described in the automated setup wizard.
Attackers know what a real environment looks like
German company
Average competitor
Atmosphere
Singaporean company
Average competitor
Atmosphere
Polish company
Average competitor
Atmosphere
Most cloud email sandboxes use standard templates for virtual machines that look completely unnatural to adversaries and are therefore easy to both detect and hide from. This makes the entire approach completely useless against advanced attackers.
Atmosphere makes it possible to adjust key properties to make the virtual machine look like a real environment. Use actual computer names, employees names, corporate domain names, and other features to thoroughly mimic your actual environment.
German company
Singaporean company
Polish company
Atmosphere
Atmosphere
Atmosphere
Atmosphere makes it possible to adjust key properties to make the virtual machine look like a real environment. Use actual computer names, employees names, corporate domain names, and other features to thoroughly mimic your actual environment.
Average competitor
Average competitor
Average competitor
Most cloud email sandboxes use standard templates for virtual machines that look completely unnatural to adversaries and are therefore easy to both detect and hide from. This makes the entire approach completely useless against advanced attackers.
Think you're secure? Atmosphere features a fully automated test built on knowledge about real tools and techniques used by the most advanced adversaries. See where you really stand.
30+ real-life attack scenarios to test your existing email protection
Attack cases implemented in our test suite repeat different detection bypass techniques, manipulating with contexts, urls, required human activity as well as system-level and dependencies checks.
The result of 70,000 hours of incident response
All implemented test cases are based on attacks and incidents that Group-IB investigated. Once we discover the initial vector of attack and if it appears to be email, we use it to enrich our detection. We employ most general cases in our test suite.
Fully automated test: confirm domain ownership and run
The test is fully automated and requires only confirming domain ownership. By doing so, we verify that you actually control the domain name and that we can legally run the security assessment.
Integration overview
Availability in various regions and compliance with local regulations
To deliver cutting-edge email protection in accordance with local regulations, Group-IB Atmosphere is available in four different regions.
European Union (Germany)MEA (UAE)APAC (Singapore)North America (USA)
Instant deployment, free trial and fast integration
Cloud tenant is set up automatically after your trial request is approved. Integration is very simple and implemented as a gateway solution. Simply configure you domain name and Atmosphere will start protection as DNS records are updated.
Morphing features and API-level integrations
To improve detection and response even further, Atmosphere supports API-level integration with G-Suite and Office 365. At the same time, Group-IB’s proprietary technology called Neptune allows you to use your real office IP address during analysis runtime.