KuppingerCole Analysts AG Names Group-IB a Product Leader for Threat Detection System

SINGAPORE, July 29, 2020 /PRNewswire/ — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, was included in KuppingerCole Analysts AG‘s 2020 report “Leadership Compass for Network Detection and Response” for its Threat Detection System (TDS), a solution combining proactive protection against sophisticated threats and proactive global threat hunting. KuppingerCole Analysts AG, a Europe-based independent analyst organization, identified Group-IB as a “product leader” and “innovation leader” for TDS’ security, wide NDR functionality, and unique integration capabilities. KuppingerCole analysts particularly noted TDS’s capability for industrial applications and the company’s innovativeness – a key capability in all IT market segments.

Group-IB TDS, trusted by banks, financial organizations, and industrial enterprises in dozens of countries in Western Europe, Africa and South-Eastern Asia, embodies adversary-centric approach and ensures protection against the most complex targeted attacks and advanced persistent threats (APTs), effective automated response and mitigation in a single platform. This adversary-centric approach is implemented through TDS enrichment with information from Group-IB’s attribution-based Threat Intelligence system that holds the most up-to-date data on indicators of compromise, attackers and their TTPs, securing precise attribution of cyberattacks to a specific threat actor.

Group-IB TDS includes for major modules – TDS Sensor, TDS Polygon, TDS Decryptor, TDS Huntpoint, TDS Huntbox – that ensure correlation of internal and external telemetry data for effective threat hunting and analysis that can detect sophisticated attacks at the preparation stage.

“Group-IB is a provider of high-quality threat intel, which is also used by their products as well as shared with Cyber Threat Alliance, global CERTs, Europol, Interpol, etc.,” KuppingerCole Analysts AG said in its report. “Group-IB’s TDS is one of the most feature-rich NDR solutions in the market. It exceeds expectations for NDR functionality … Organizations that need a full range of NDR capabilities, especially for industrial applications, should consider Group-IB TDS.”

In its report, KuppingerCole Analysts AG, in particular, highlighted Group-IB TDS’ ability to detect lateral movement and communications with attackers’ CnC servers thanks to anomaly detection algorithms (such as domain generation algorithms analysis) and gave credits to TDS analyzing malware leveraging unsupervised machine learning models.

“Group-IB is honored to have its TDS listed in KuppingerCole Analysts AG ‘Leadership Compass for Network Detection and Response,'” comments Group-IB CTO and Threat Intelligence head Dmitry Volkov. “Masterminding its Threat Detection System, Group-IB sought to create a single solution for the protection of both corporate and industrial networks that would combine threat hunting with automated incident management and response. As a result, one of a kind solution emerged that is capable of distinguishing relevant attacks and attackers’ infrastructures at a preparation stage and whose constant enrichment with threat intelligence data ensures precise correlation and attribution of threats.”

About Threat Detection System

Group-IB Threat Detection System is a comprehensive solution that efficiently detects and prevents complex targeted attacks in corporate and technological networks. The system identifies infections that are overlooked by traditional security tools such as antivirus software, firewalls, and intrusion prevention systems.

Group-IB TDS uses unique threat intelligence data on hacking activities, including data on TTPs used by perpetrators, recently emerged malicious programs, C&C server addresses, etc. Enriching TDS with Threat Intelligence data and exposing hidden attacker infrastructure helps the system detect even the most complex targeted attacks.

In order to be effective, systems for detecting and blocking targeted attacks should not only carry out static and dynamic file analysis, but also apply dozens of specific techniques. Group-IB TDS has proved to be effective in various infrastructures in over 60 countries worldwide.