CERT-GIB
Computer Emergency Response Team
What is CERT-GIB
Back in 2011, we created a certified emergency response service, united by a mission: to immediately contain cyber threats, regardless of when and where they take place and who is involved.

A member of the Forum of Incident Response and Security Teams (FIRST)

An accredited member of Trusted Introducer (Association of European Security and Incident Response Teams)

A partner of the International Multilateral Partnership against Cyber Threats (IMPACT)

A member of OIC-CERT (Organisation of The Islamic Cooperation — Computer Emergency Response Teams)

CERT-GIB is officially authorized by Carnegie Mellon University (Pittsburgh, USA) and licensed to use the «CERT» trademark in its name


Signed memorandums of cooperation with Computer Emergency Response Teams worldwide

A member of APWG international coalition (Anti-Phishing Working Group)
How it works
- 24/7 monitoring
- Call us on +65 3159-4398
- Email us at response@cert-gib.com
- Fill out our incident response form
- Establishing the source of the threat
- Assessing the intensity of the attack
- Obtaining context from Threat Intelligence & Attribution
- Clear instructions on how to contain the incident
- Blocking of phishing attempts & dangerous websites
- Proactive monitoring to prevent future threats
- Containment of serious attacks
- Digital evidence collection
- Threat actor identification and support with further investigation
Effective work thanks to Threat Hunting Framework Huntbox
Threat Hunting Framework Huntbox is a single system for managing detection infrastructure, automated analysis, event and alert storage, and retrospective incident analysis.
It helps CERT-GIB manage incidents effectively and efficiently, gives analysts access to an extensive database of events, and reduces the time spent on incident analysis thanks to automatic grouping and correlation.
- Internal and external Threat Hunting
- Module management
- Graph analysis
- Data storage
- Single interface
- Correlation & attribution
- Event analysis
Benefits of CERT-GIB
- Strategic team with a global vision and able to adjust defense methods to different verticals
- Close collaboration with Digital Forensics Laboratory, Threat Intelligence & Attribution and Investigation teams
- Use of world-class proprietary threat intelligence
- Context analysis to foresee sophisticated cyber threats behind trivial events
- Development of cutting-edge solutions to improve cybersecurity practices
- In-depth insights into various types of attack and how they are spread
- Identification of threats behind «legitimate» actions
- Extensive knowledge of cybercriminals’ tools and techniques
- Ability to block dangerous websites in the .RU and .РФ domain zones and more than 2,500 other domains
- Partnership with CERTs in more than a hundred countries to block malicious websites worldwide
CERT-GIB’s additional capabilities
Analysis of anomalies and malware
We examine network anomalies and malicious objects that have widespread cybersecurity implications for infrastructures. Moreover, we develop advanced methods to counter large-scale, sophisticated cyberthreats.
By detecting anomalies and analyzing malware, our security analysts prevent severe data breaches and network infections and detect vulnerabilities within an organization’s perimeter.
You will receive:
- A report including a basic analysis of any malware found, an assessment of the risks that the malware poses to your business, and a list of vulnerabilities detected
- Step-by-step recommendations on how to prevent similar attacks in the future
Possible objects of analysis:
- Suspicious process or file on an employee’s computer
- Unusual email sent to executives
- Hacking of a resource and its replacement with a phishing resource
- Email with threats and demands for ransom
- Fraudulent company website
- Distribution of the company’s sensitive information online
- Incoming text message to an employee with a link to download malware
- External scanning of corporate nodes to find and exploit vulnerabilities
- Files placed in quarantine by antivirus solutions
- Network traffic capture (PCAP)
Partner SOC in Bahrain
With more and more cyberthreats emerging worldwide, Bahrain was confronted with a need for competency centers to ensure that cybersecurity incidents are detected and responded to promptly and effectively.
In response to the current cyberthreat landscape, Group-IB and NGN International (a Bahrain-based systems integrator) created the first 24/7 Security Operations Center (SOC) in Bahrain.
Threat Hunting Framework integration in the partner’s data center
Recruitment and training of tier-1 specialists in the CERT-GIB program
Project launch within one month of preparations starting
Regular cybersecurity training courses based on NGN International’s Training Center and led by Group-IB’s leading specialists