Prevention
- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
Block, detonate and hunt for the most advanced email threats with patented email security technology.
Start Free TrialAtmosphere is an intel-driven malware detonation platform that understands how attackers circumvent traditional sandboxes. It analyzes texts, URLs, attachments and encrypted objects and surpasses most modern evasion methods.
Atmosphere extracts context from attacks by executing payloads in an isolated environment, automatically attributing the attack to a threat actor or malware family and mapping the TTPs to the ATT&CK matrix.
Atmosphere automatically matches detonation reports with our Gartner-recognized Threat Intelligence & Attribution data lake in order to perform attribution and answer key questions: who is behind the attack and what to expect next.
Atmosphere makes it possible to configure virtual machine properties to make them look like your actual corporate environment. This helps surpass advanced detection evasion techniques involved in most modern attacks.
Atmosphere performs constant retrospective analysis. It re-downloads suspicious URLs and re-analyzes objects that can change their state over time. As such, it automatically discovers hidden threats.
Your Atmosphere tenant is provisioned automatically after your trial request is approved. Integration involves simple and standard configuration steps described in the automated setup wizard.
German company
Average competitor
Atmosphere
Singaporean company
Average competitor
Atmosphere
Polish company
Average competitor
Atmosphere
Most cloud email sandboxes use standard templates for virtual machines that look completely unnatural to adversaries and are therefore easy to both detect and hide from. This makes the entire approach completely useless against advanced attackers.
Atmosphere makes it possible to adjust key properties to make the virtual machine look like a real environment. Use actual computer names, employees names, corporate domain names, and other features to thoroughly mimic your actual environment.
German company
Singaporean company
Polish company
Atmosphere
Atmosphere
Atmosphere
Atmosphere makes it possible to adjust key properties to make the virtual machine look like a real environment. Use actual computer names, employees names, corporate domain names, and other features to thoroughly mimic your actual environment.
Average competitor
Average competitor
Average competitor
Most cloud email sandboxes use standard templates for virtual machines that look completely unnatural to adversaries and are therefore easy to both detect and hide from. This makes the entire approach completely useless against advanced attackers.
Attack cases implemented in our test suite repeat different detection bypass techniques, manipulating with contexts, urls, required human activity as well as system-level and dependencies checks.
All implemented test cases are based on attacks and incidents that Group-IB investigated. Once we discover the initial vector of attack and if it appears to be email, we use it to enrich our detection. We employ most general cases in our test suite.
The test is fully automated and requires only confirming domain ownership. By doing so, we verify that you actually control the domain name and that we can legally run the security assessment.
To deliver cutting-edge email protection in accordance with local regulations, Group-IB Atmosphere is available in four different regions.
Cloud tenant is set up automatically after your trial request is approved. Integration is very simple and implemented as a gateway solution. Simply configure you domain name and Atmosphere will start protection as DNS records are updated.
To improve detection and response even further, Atmosphere supports API-level integration with G-Suite and Office 365. At the same time, Group-IB’s proprietary technology called Neptune allows you to use your real office IP address during analysis runtime.