CERT-GIB – Computer Emergency Response Team, Group-IB.

Additional Info

Job title of nominated professional (or team name)Computer Emergency Response Team
Company (where nominated professional or team is working)Group-IB
Company size (employees)500 to 999
Headquarters RegionAsia


CERT-GIB, opened in 2011, became the first certified private emergency response services in Eastern Europe and currently is one of the largest ones in the region. CERT-GIB is a round-the-clock first technical emergency aid tasked with helping to contain the threat and bring trusted incident responders, forensic analysts, and investigation experts on the scene, if needed, to eliminate costly delays. As part of CERT-GIB, a Security Operation Center (SOC) has been set up, with its employees monitoring cybersecurity incidents in international companies using various cybersecurity systems and solutions, including the system for the detection of targeted attacks at an early stage, Group-IB Threat Hunting Framework, and the system that monitors, analyzes and predicts cyberthreats — Group-IB Threat Intelligence & Attribution.
The experts of CERT-GIB ensure the round-the-clock support for incident response and can send a mobile unit to the incident site to control the relevant procedures and gather digital evidence. CERT-GIB is also authorized to block malware distribution websites, as well as phishing and fraudulent websites in over 2,500 domain zones.
By detecting anomalies and analyzing malware, Group-IB’s security analysts prevent severe data breaches and network infections and detect vulnerabilities within an organization’s perimeter.
CERT-GIB is a member of the following associations:
• A member of the Forum of Incident Response and Security Teams (FIRST)
• An accredited member of Trusted Introducer (Association of European Security and Incident Response Teams)
• A partner of the International Multilateral Partnership against Cyber Threats (IMPACT)
• A member of OIC-CERT (Organisation of The Islamic Cooperation — Computer Emergency Response Teams)
• CERT-GIB is officially authorized by Carnegie Mellon University (Pittsburgh, USA) and licensed to use the «CERT» trademark in its name
• Signed memorandums of cooperation with Computer Emergency Response Teams worldwide
• A member of APWG international coalition (Anti-Phishing Working Group)


• Human proficiency
- Strategic team with a global vision and able to adjust defense methods to different verticals
- Close collaboration with Digital Forensics Laboratory, Threat Intelligence & Attribution and Investigation teams
• Intelligence-driven
- Use of world-class proprietary threat intelligence
- Context analysis to foresee sophisticated cyber threats behind trivial events
- Development of cutting-edge solutions to improve cybersecurity practices
• In-depth expertise in APTs
- In-depth insights into various types of attack and how they are spread
- Identification of threats behind «legitimate» actions
- Extensive knowledge of cybercriminals’ tools and techniques