Group-IB Integrations

Integrate our best-of-breed solutions into your security ecosystem

Maximize the value of your security stack

Group-IB integrations help to maximize the value of your security stack by delivering real-time intelligence, threat detection, and incident response capabilities to the systems you use every day. Browse our full list of integrations to see how you can streamline your security operations seamlessly.

Anti-fraud
  • SAS Fraud – Author: SAS; Source: Product Help Center
  • Ingenious Intuition – Author: Ingenious; Source: Product Help Center
  • IBM Safer Payments – Author: IBM; Source: Product Help Center
  • GBG Predator – Author: GBG; Source: Product Help Center
  • GBG Instinct – Author: GBG; Source: Product Help Center
  • Emcrey – Author: Emcrey; Source: Product Help Center
  • FICO Falcon – Author: FICO; Source: Product Help Center
ASMP
  • Brinqa – Author: Brinqa; Source: Internal marketplace
Cloud
  • Microsoft Azure – Author: Group-IB; Source: Product Help Center
  • AWS – Author: Group-IB
  • AWS – Author: Group-IB; Source: Product Help Center
Email
  • Microsoft 365 – Author: Group-IB; Source: Product Help Center
NGFW
  • Palo Alto FireWall – Author: Group-IB; Source: Product Help Center
  • Cisco ASA – Author: Group-IB; Source: Product Help Center
SAML
  • Okta SSO – Author: Group-IB; Source: Product Help Center
  • Microsoft Entra ID – Author: Group-IB; Source: Product Help Center
  • Google Workspace – Author: Group-IB; Source: Product Help Center
SIEM
  • Splunk ES – Author: Group-IB
  • Splunk ES – Author: Group-IB
  • LogRhythm SIEM – Author: Group-IB; Source: Product Help Center
  • IBM Security QRadar SIEM – Author: Group-IB
  • IBM Security QRadar SIEM – Author: Group-IB
SOAR
  • Microsoft Sentinel – Author: Group-IB
  • Swimlane – Author: Swimlane
  • Splunk SOAR – Author: Group-IB
  • Google SecOps – Author: Group-IB; Source: Internal marketplace
  • Google SecOps – Author: Group-IB; Source: Internal marketplace
  • Cortex XSOAR – Author: Group-IB
  • Cortex XSOAR – Author: Group-IB
  • StrikeReady – Author: StrikeReady; Source: Internal marketplace
  • StrikeReady – Author: StrikeReady; Source: Internal marketplace
TIP
  • Liberty91 – Author: Liberty91
  • Vertex Synapse – Author: Vertex Synapse
  • ThreatQ – Author: ThreatQ
  • ThreatConnect – Author: Group-IB
  • Splunk TruSTAR – Author: Splunk; Source: Internal marketplace
  • Filigran OpenCTI – Author: Group-IB
  • MISP – Author: Group-IB; Source: Product Help Center
  • EclecticIQ Platform – Author: EclecticIQ; Source: Internal marketplace
  • Cyware CTIX – Author: Cyware; Source: Internal marketplace
  • Anomali ThreatStream – Author: Anomali; Source: Internal marketplace

Get the most out of our flexible API Integration

Group-IB’s products feature a JSON API available across all solutions, providing seamless access to the Unified Risk Platform. Designed for simplicity and efficiency, it supports multiple integration scenarios, including REST and Pull methods, ensuring flexibility for any use case. Best of all, API usage is included with all product licenses at no additional cost.

Threat Intelligence

Beyond our portfolio of native integrations, we offer a range of custom options and access to multiple APIs

Our REST API empowers custom integrations, providing comprehensive and detailed access to every aspect of Threat Intelligence data within the portal

STIX/TAXII 2.0/2.1, the well-known standards in the Threat Intelligence industry, enable standardized data sharing through STIX objects and smooth integration with other platforms

Custom tools such as Postman collections, a library, and a console export utility are also available

Fraud Protection

Our Fraud Protection solution provides three main methods of data exchange, ensuring smooth deployment in a variety of environments
Broker-Based Push
  • RabbitMQ – A lightweight, easy-to-deploy message broker for real-time event streaming
  • IBM MQ – A robust enterprise-grade message queue for organizations with established IBM infrastructures
  • Apache Kafka – A high-throughput, distributed streaming platform designed for real-time and historical data processing
REST API Push
  • Direct to Your Application Gateway – Our API can push alerts and event data to your protected application's infrastructure
  • Multi-Stream Support – Transmit data in parallel streams for high-volume scenarios, whether in real time or bulk
REST API Pull
  • On-Demand Data Retrieval – Request fraud event data as needed via our REST API
  • Flexible Scheduling – Poll at a frequency that suits your business processes or application workloads

Managed XDR

Group-IB's Managed Extended Detection and Response (XDR) solution offers a variety of integration options to enhance and streamline your organization's cybersecurity infrastructure

Syslog (JSON) and Common Event Format (CEF) are available across the XDR platform. They enable the forwarding of log data and security events to various systems, ensuring centralized monitoring and analysis

REST API is available across the platform to facilitate seamless communication and data exchange between Group-IB XDR and other security tools, allowing for customized integrations tailored to specific organizational needs

XDR Network Protection supports integration with web proxies and content filtering solutions via ICAP, enhancing the inspection and management of web traffic, including files

Business Email Protection

Group-IB’s Business Email Protection (BEP) solution offers a variety of integration options to enhance and streamline your organization’s email flow

BEP can be integrated with any cloud, hybrid or on-premises email solutions to detect and disrupt attacks

REST API is available across the platform to facilitate seamless communication and data exchange between Group-IB BEP and other security tools, allowing for customized integrations tailored to specific organizational needs

Natively integrated into Group-IB Managed XDR

Attack Surface Management

Group-IB's Attack Surface Management (ASM) solution offers several integration options to enhance your organization's cybersecurity posture

ASM provides a comprehensive REST API that allows seamless integration with various security tools and platforms. This enables organizations to automate asset discovery, vulnerability assessments, and remediation processes by connecting ASM with existing security information and event management (SIEM) systems, ticketing systems, and other security operations tools

Native cloud integrations for Azure and AWS to enable ASM to discover, monitor, and assess the security posture of your Azure and AWS resources

Postman collections and a Python library are available for developers and engineers

Digital Risk Protection

Group-IB's Digital Risk Protection (DRP) solution offers integration capabilities primarily through a list of native integrations and also through API capabilities

REST API enables organizations to seamlessly incorporate DRP's functionalities into their existing security infrastructures, facilitating automated monitoring, detection, and response to digital threats

DRP Postman configurations and a Python library are available for developers and engineers

Leverage custom tools for enhanced efficiency

Even if native integration isn’t yet available for your solutions, Group-IB offers tailored tools to enhance your infrastructure with rapid integration and custom workflows

Postman configurations

Seamlessly add Threat Intelligence, Digital Risk Protection, and Attack Surface Management to your systems through our customizable Postman configuration. Our ready-to-use setup simplifies API testing and data extraction, letting you incorporate Group-IB’s insights into your workflows.

Export utility

Our Data Export Utility provides a streamlined approach to exporting threat intelligence data from Group-IB Threat Intelligence. Tailored for advanced users, this console application enables batch data exports in different formats, making data handling and offline analysis easier.

Python library

Group-IB’s Python Library offers a cohesive, developer-friendly interface across Attack Surface Management, Digital Risk Protection, and Threat Intelligence. With unified functions and streamlined code, developing integrations is now smooth and efficient.