Threat Detection System

Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks

Сервисы для обнаружения целевых атаки

Meeting key information security challenges

Detection of complex targeted attacks at an early stage
Prevention of financial and reputation loss
Protection of internal networks, email, and file storage systems
Anomaly detection in the information and operational technology networks

High level of protection guaranteed

  • In-depth understanding of threats

    Extensive insight thanks to data contained in Group-IB’s proprietary Threat Intelligence system, deemed among the best in its class by top agencies such as  Gartner, IDC and Forrester

  • Hands-on experience in incident response

    Our experience in responding to incidents and investigating cyber crimes helps us be the first to detect the use of new tools

  • Modern technologies

    File behaviour analysis, unique signatures, detection of network anomalies through machine learning

Detection of attacker infrastructure on a global scale

Technology conceived to collect a large amount of data and unique search algorithms designed to find connections help detect infrastructure that hackers intend to use in future attacks

4.2 billion
IP addresses — daily scan of the entire IPv4 address range
145 million
SSH keys
211 million
domains and archived data from the past 17 years
1.6 billion
SSL certificates

TDS modules

Managed detection & response 24/7


  • Alerts monitoring
  • Remote response
  • Anomaly analysis
  • Incident management
  • Threat Hunting
  • Critical threats analysis

Detecting infrastructure management & data analysis

TDS Huntbox

  • Internal Threat Hunting
  • External Threat Hunting
  • Retrospective analysis
  • Correlation & attribution
  • Modules management
  • Data storage
  • Single interface
  • Events analysis
IoCs& events

Attacks detection & prevention

TDS Sensor

Network Research & Protection
  • Traffic analysis
  • Files extraction
  • Anomalies detection

TDS Polygon

Malware Detonation & Research
  • Isolated environment
  • Files analysis
  • Links analysis

TDS Huntpoint

Behaviour Inspection & Host Forensics
  • Events logging
  • Threats detection
  • Response at hosts

TDS Sensor Industrial

Analysis of industrial control systems
  • Traffic analysis
  • Support for industrial
  • Collection of information on firmware versioning
  • Software integrity control

TDS Decryptor

Decrypting TLS/SSL traffic in the protected infrastructure

Understanding attackers and their tools helps identify even the most complex threats

  • Identification of complex attacks and tools:

    spear-phishing campaigns, social engineering techniques, legitimate utilities, and other tools used by advanced groups

  • Coverage of the main infection vectors:

    email, browsers, removable media, local networks, client applications, supply chain attacks

  • Detection of infected mobile devices:

    TDS detects mobile Trojans when a device is connected to a corporate Wi-Fi network

At the client’s request, the solution can be configured to block threats in real time

  • Email protection

    when set in inline mode, the solution analyses files and links in an isolated environment and blocks malicious objects spread by email

  • File storage protection

    when integrated with file storage systems, the solution detects and blocks malicious files before they are launched in a real environment

  • Traffic protection:

    when integrated via ICAP TDS can block malicious files downloaded from the internet

Flexible settings and integration options

For special facilities

To meet regulatory requirements, all data can remain within the perimeter

For small and medium businesses

Group-IB experts help quickly set up and configure the solution

For large businesses and complex network infrastructures

For customers who require complex architectural solution settings, Group-IB’s team designs tailored settings options that take into account the customer’s and the industry’s specific requirements

Ready-to-use integration

with SIEM, event & log storage systems


Does not affect the company infrastructure’s performance

Technical information on typical integration optionsRead more

Additional benefits

User-friendly web interface

  • Representative visualisation of incidents
  • Management of all components from a single window

Detailed reports

  • Full context and in-depth analysis
  • Clear account of event types and timelines

Effective communication

  • Full support in English
  • Most issues resolved within 10 minutes

Insurance included!

By purchasing TDS, a policy will be automatically taken out with one of the largest insurance companies in the world, AIG. The policy covers risks of corporate or personal data leaks and computer system security breaches caused by infected or lost data.

In some cases, cybercriminals resort to not only malware, but also social engineering, fraud, or bribing employees. Group-IB’s clients are protected against such complex attacks as well.

It is important that we find out about new types of threats as soon as possible and promptly respond to them, all the while limiting any potential risks. We have decided to develop our range of sandboxes, focusing above all on detecting zero-day threats.
Zero-day attacks are arguably the most dangerous and can be detected only by using intelligent behavioural analysis systems that make it possible to examine files before they reach a user’s computer. During testing, TDS Polygon demonstrated a high level of effectiveness and accuracy for the strategy we chose. The product is now successfully used in «combat» mode.
Dmitry Gadar Head of Information Security at Tinkoff Bank

Success Stories

Request a live demo of Threat Detection SystemSend request

Try TDS in action — VM installation for easy access. Please leave us your contact information to arrange a free proof of concept.

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

Report an incident
All you need to know to #StayCyberSafe