CERT-GIB
Computer Emergency Response Team
What is CERT-GIB
Back in 2011, we created certified emergency response service, united by a mission: to immediately contain cyber threats, regardless of when and where they take place and who is involved.
55+high-skilled analysts
60 000+hours of incident response
A member of the Forum of Incident Response and Security Teams (FIRST)
An accredited member of Trusted Introducer (Association of European Security and Incident Response Teams)
A partner of the International Multilateral Partnership against Cyber Threats (IMPACT)
A member of OIC-CERT (Organisation of The Islamic Cooperation — Computer Emergency Response Teams)
Signed memorandums of cooperation with Computer Emergency Response Teams worldwide
A member of APWG international coalition (Anti-Phishing Working Group)
How it works
Alert on the incident
- 24/7 monitoring
- Call us on
+65 3159-4398 - Email us at
response@cert-gib.com - Fill out our incident response form
Analysis and classification
- Establishing the source of the threat
- Assessing the intensity of the attack
- Obtaining context from Threat Intelligence & Attribution
First aid incident response
- Clear instructions on how to contain the incident
- Blocking of phishing attempts & dangerous websites
- Proactive monitoring to prevent future threats
Incident response & investigation
- Containment of serious attacks
- Digital evidence collection
- Threat actor identification and support with further investigation
Effective work thanks to Threat Hunting Framework Huntbox
Threat Hunting Framework Huntbox is a single system for managing detection infrastructure, automated analysis, event and alert storage, and retrospective incident analysis.
It helps CERT-GIB manage incidents effectively and efficiently, gives analysts access to an extensive database of events, and reduces the time spent on incident analysis thanks to automatic grouping and correlation.
- Internal and external Threat Hunting
- Module management
- Graph analysis
- Data storage
- Single interface
- Correlation & attribution
- Event analysis
Benefits of CERT-GIB
Human proficiency
- Strategic team with a global vision and able to adjust defense methods to different verticals
- Close collaboration with Digital Forensics Laboratory, Threat Intelligence & Attribution and Investigation teams
Intelligence-driven
- Use of world-class proprietary threat intelligence
- Context analysis to foresee sophisticated cyber threats behind trivial events
- Development of cutting-edge solutions to improve cybersecurity practices
In-depth expertise in APTs
- In-depth insights into various types of attack and how they are spread
- Identification of threats behind «legitimate» actions
- Extensive knowledge of cybercriminals’ tools and techniques
International cooperation
- Ability to block dangerous websites in the .RU and .РФ domain zones and more than 2,500 other domains
- Partnership with CERTs in more than a hundred countries to block malicious websites worldwide
CERT-GIB’s additional capabilities
Analysis of anomalies and malware
We examine network anomalies and malicious objects that have widespread cybersecurity implications for infrastructures. Moreover, we develop advanced methods to counter large-scale, sophisticated cyberthreats.
By detecting anomalies and analyzing malware, our security analysts prevent severe data breaches and network infections and detect vulnerabilities within an organization’s perimeter.
You will receive:
- A report including a basic analysis of any malware found, an assessment of the risks that the malware poses to your business, and a list of vulnerabilities detected
- Step-by-step recommendations on how to prevent similar attacks in the future
Possible objects of analysis:
- Suspicious process or file on an employee’s computer
- Unusual email sent to executives
- Hacking of a resource and its replacement with a phishing resource
- Email with threats and demands for ransom
- Fraudulent company website
- Distribution of the company’s sensitive information online
- Incoming text message to an employee with a link to download malware
- External scanning of corporate nodes to find and exploit vulnerabilities
- Files placed in quarantine by antivirus solutions
- Network traffic capture (PCAP)
Partner SOC in Bahrein
With more and more cyberthreats emerging worldwide, Bahrain became confronted with a need for competency centers to ensure that cybersecurity incidents are detected and responded to promptly and effectively.
In response to the current cyberthreat landscape, Group-IB and NGN International (Bahrain-based systems integrator) created the first 24/7 Security Operations Center (SOC) in Bahrain.
INTEGRATION
Threat Hunting Framework integration in the partner’s data center
RECRUITMENT
Recruitment and training of tier-1 specialists in the CERT-GIB program
LAUNCH
Project launch within one month of preparations starting
TRAININGRegular cybersecurity training courses based on NGN International’s Training Center and led by
Regular cybersecurity training courses based on NGN International’s Training Center and led by Group-IB’s leading specialists
CERT-GIB in the news
More news
Interested in joining CERT-GIB?
Find a vacancy
Are you under attack?