Computer Emergency Response Team

Report an incident

What is CERT-GIB

Back in 2011, we created certified emergency response service, united by a mission: to immediately contain cyber threats, regardless of when and where they take place and who is involved.

55+high-skilled analysts
60 000+hours of incident response

A member of the Forum of Incident Response and Security Teams (FIRST)

An accredited member of Trusted Introducer (Association of European Security and Incident Response Teams)

A partner of the International Multilateral Partnership against Cyber Threats (IMPACT)

A member of OIC-CERT (Organisation of The Islamic Cooperation — Computer Emergency Response Teams)

CERT-GIB is officially authorized by Carnegie Mellon University (Pittsburgh, USA) and licensed to use the «CERT» trademark in its name

Signed memorandums of cooperation with Computer Emergency Response Teams worldwide

A member of APWG international coalition (Anti-Phishing Working Group)

How it works

Alert on the incident
  • 24/7 monitoring
  • Call us on  +65 3159-4398
  • Email us at response@cert-gib.com
  • Fill out our incident response form
Analysis and classification
  • Establishing the source of the threat
  • Assessing the intensity of the attack
  • Obtaining context from Threat Intelligence
First aid incident response
  • Clear instructions on how to contain the incident
  • Blocking of phishing attempts & dangerous websites
  • Proactive monitoring to prevent future threats
Incident response & investigation
  • Containment of serious attacks
  • Digital evidence collection
  • Threat actor identification and support with further investigation

Effective work thanks to TDS Huntbox

TDS Huntbox is a single system for managing detection infrastructure, automated analysis, event and alert storage, and retrospective incident analysis.

It helps CERT-GIB manage incidents effectively and efficiently, gives analysts access to an extensive database of events, and reduces the time spent on incident analysis thanks to automatic grouping and correlation.

  • Internal and external Threat Hunting
  • Module management
  • Graph analysis
  • Data storage
  • Single interface
  • Correlation & attribution
  • Event analysis

Benefits of CERT-GIB

Human proficiency
  • Strategic team with a global vision and able to adjust defense methods to different verticals
  • Close collaboration with Digital Forensics Laboratory, Threat Intelligence and Investigation teams
  • Use of world-class proprietary threat intelligence
  • Context analysis to foresee sophisticated cyber threats behind trivial events
  • Development of cutting-edge solutions to improve cybersecurity practices
In-depth expertise in APTs
  • In-depth insights into various types of attack and how they are spread
  • Identification of threats behind «legitimate» actions
  • Extensive knowledge of cybercriminals’ tools and techniques
International cooperation
  • Ability to block dangerous websites in the .RU and .РФ domain zones and more than 2,500 other domains
  • Partnership with CERTs in more than a hundred countries to block malicious websites worldwide

CERT-GIB’s additional capabilities

Analysis of anomalies and malware

We examine network anomalies and malicious objects that have widespread cybersecurity implications for infrastructures. Moreover, we develop advanced methods to counter large-scale, sophisticated cyberthreats.

By detecting anomalies and analyzing malware, our security analysts prevent severe data breaches and network infections and detect vulnerabilities within an organization’s perimeter.

You will receive:

  • A report including a basic analysis of any malware found, an assessment of the risks that the malware poses to your business, and a list of vulnerabilities detected
  • Step-by-step recommendations on how to prevent similar attacks in the future

Possible objects of analysis:

  • Suspicious process or file on an employee’s computer
  • Unusual email sent to executives
  • Hacking of a resource and its replacement with a phishing resource
  • Email with threats and demands for ransom
  • Fraudulent company website
  • Distribution of the company’s sensitive information online
  • Incoming text message to an employee with a link to download malware
  • External scanning of corporate nodes to find and exploit vulnerabilities
  • Files placed in quarantine by antivirus solutions
  • Network traffic capture (PCAP)

Partner SOC in Bahrein

With more and more cyberthreats emerging worldwide, Bahrain became confronted with a need for competency centers to ensure that cybersecurity incidents are detected and responded to promptly and effectively.

In response to the current cyberthreat landscape, Group-IB and NGN International (Bahrain-based systems integrator) created the first 24/7 Security Operations Center (SOC) in Bahrain.


TDS integration in the partner’s data center


Recruitment and training of tier-1 specialists in the CERT-GIB program


Project launch within one month of preparations starting


Regular cybersecurity training courses based on NGN International’s Training Center and led by Group-IB’s leading specialists

CERT-GIB in the news

More news

CERT-GIB’s external events

Regional Cybersecurity Week 2019

Ticket to the future by WorldSkills

Ticket to the future by WorldSkills

Regional Cybersecurity Week 2019

Ticket to the future by WorldSkills

Ticket to the future by WorldSkills

Interested in joining CERT-GIB?

Find a vacancy

Experiencing a breach?Report an incident

Please fill in the form below to get immediate assistance from CERT-GIB

Thank you for the inquiry! We will contact you soon.

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

All you need to know to #StayCyberSafe