With TDS, you can detect any malicious code targeting your network using threat intelligence data and machine learning technologies:

  • Targeted threats and zero-day attacks
  • Harmful documents
  • Banking trojans
  • Intelligence software
  • Mobile trojans
  • Remote access tools
  • Backdoors
  • Other threats

The TDS solution consists of 3 modules that can be used independently of each other:

TDS Sensor:

  • Analyzes all incoming and outgoing data packets using signatures and filtering rules based on threat data developed by Group-IB.
  • Detects the C&C servers that malware-infected devices communicate with.
  • Detects anomalies created by malware on your network with machine learning algorithms.
  • Detects unknown malicious code by integrating with the Polygon behavioral analysis system.
  • Transmits data about detected events to the Group-IB cloud data center (SOC) or your internal log storage system.

TDS Polygon:

By analyzing suspicious objects coming via TDS in a secure environment, you can prevent common attack vectors:

  • Phishing emails
  • Web browser attacks
  • Attacks using unknown malware and tools

Your files are analyzed without leaving your company network, and their confidentiality is guaranteed. Independent threat analysis is performed according to machine learning classifications.

SOC Group-IB:

You can get 24/7/365 technical support from Group-IB experts for manual log analysis and evaluation of critical events.

  • Captured events are grouped by type and analyzed manually by Group-IB experts.
  • Customers are notified of attacks by phone or email.
  • Group-IB experts can come and investigate the scene to obtain digital evidence.

SPECIAL THREAT DATA SOURCES

Thanks to Group-IB's high-tech infrastructure, critical events can be effectively detected using collected threat data, filter rules and signatures.

INTELLIGENCE

Exclusive intelligence on malicious programs, new attack tactics, C&C server addresses and modified versions of known viruses is at your fingertips.

FORENSIC ANALYSIS

Attack markers and other information from actual targeted attacks are collected by Group-IB's forensic analysis laboratory.

MACHINE LEARNING

Advanced machine learning technologies enable detection of previously unknown malicious code and modeling of new attack tactics.

Your Security is Guaranteed Thanks to Machine Learning

Thanks to Group-IB's machine learning technology, analysis is performed using security expertise and intelligence information collected since 2003. Based on the analysis results, Group-IB has developed a classification standard that is frequently updated. The machine learning process is controlled by experienced analysts who minimize false positive findings.

HOW DOES THE TDS THREAT DETECTION SYSTEM WORK

TDS SENSOR

  • Detects the interaction of infected devices with C&C servers.
  • Identifies network anomalies created by malware with machine analysis algorithms.
  • Detects unknown malicious code by integrating with the Polygon behavioral analysis system.
  • Transmits information about detected events to the Group-IB cloud data center (SOC) or your internal log storage system.

TDS POLYGON

  • Polygon analyzes files from TDS in an isolated environment and makes independent assessments of threat levels.
  • Suspicious files do not leave your company's network, and their confidentiality is guaranteed.
  • You can explore further investigation and response options by contacting Group-IB.

SOC GROUP-IB

  • Detected events are grouped by type and analyzed manually by Group-IB experts.
  • Data is analyzed 24/7/365.
  • Instant notifications about all detected threats are delivered to your organization through a special communication channel.

Maximum Comfort

Get effective support with the web-based ticket system.

Cloud Interface

All threat reports can be accessed via the easy-to-use web interface.

Effective Support

An internal ticket system for communicating with your employees, along with incident identification and intervention, can be integrated into the local web interface.

Informative Reports

With visualized statistics based on event durations and types, customers can track changes in attack dynamics and style.

SIEM Integration

Event streams can be automatically transferred to SIEM and log storage systems with a standard syslog mechanism.

By outsourcing log analysis to CERT-GIB experts, you can focus on incident response yourself.

  • Deep experience based on real threats, digital forensics capabilities and criminal investigations
  • Highest standards in international incident response: CERT-GIB is a member of FIRST and Trusted Introducer, the largest associations of response teams.