Get 24/7 incident response assistance from our global team
- APAC: +65 3159 4398
- EU & NA: +31 20 890 55 59
- MEA: +971 4 540 6400
Get 24/7 incident response assistance from our global team
Please review the following rules before submitting your application:
1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.
2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.
Proper incident response allows to clearly understand the scope and develop appropriate measures to effectively contain the threat and prevent any additional damage.
Clear understanding of the incident based on proper digital forensics examination and malware analysis allows you to develop efficient strategy for remediation and recovery.
The reconstructed attack lifecycle provides you clarity on weaknesses of the affected systems. This knowledge enables to build proper prevention and detection capabilities to enhance overall security of the organization.
For the third year in a row, human-operated ransomware attacks have remained the most prominent and devastating threat.
Based on the everyday analysis and cyber threat intelligence activity, our Incident Response team revealed the tools and techniques most frequently used by ransomware affiliates and applies that knowledge in every Incident Response service engagements.
More about ransomware attacks response:
companies are dissatisfied with the speed of response to incidents
companies face repeated incidents when responding incorrectly
provided to prevent cyber attacks, eradicate fraud, and protect brands.
with globally distributed team, ubiquitous reach, efficient investigations
turning insights into actionable cybersecurity strategies
giving us the full threat landscape visibility
Group-IB Incident Response specialists are able to quickly stop and investigate hacker attacks, understand how cybercriminals penetrate a company’s network, and prevent them from stealing money and valuable data.
As soon as cybercriminals penetrate your network, they could achieve their goals within weeks or even hours. Many organizations fail to detect malicious activity promptly, however, because the methods, tools and tactics used by hackers are always improving.
Incident Response is a set of procedures and actions to prepare for, detect, stop, and recover from an information security incident.
It is possible to decrypt files after a ransomware attack in rare cases only. Usually, if there are no backups it is impossible to recover the data.
We need a signed 3-way NDA (non-disclosure agreement between you, us and the partner) and issued PO (purchase order) or service engagement letter.
Incident Response service is being priced by hours of the response engagement for each specialist involved.
We expect our clients to perform following actions:
Our Incident Response team leverages an in-house solution – Group-IB Managed XDR, which enables advanced protection, rapid collection of forensic data and containment of compromised hosts, as well as 24/7 monitoring and notification supported by CERT-GIB.
We install EDR agents and for two weeks after responding to the incident, the CERT-GIB team will monitor the infrastructure so your IT team has time to implement our recommendations.
While the incident is going, you will be supported by our account manager. Depending on the type of incident, we will allocate not only incident responder, but digital forensics specialist, malware analyst and a cyber threat intelligence specialist.
On average, there are 2 DFIR specialists allocated for each incident. Depends on a complexity of the incident could be up to 5 specialists.