Features | Standard | Pro | Enterprise |
---|---|---|---|
Endpoint Forensics Data Retention for Threat Hunting | 7 Days | 14 Days | 30 Days |
Forensic Data Collection from Endpoints | ✔ | ✔ | ✔ |
Threat Intelligence Feed | ✔ | ✔ | ✔ |
Asset Inventory | ✔ | ✔ | ✔ |
Application Allow and Deny list | ✔ | ✔ | ✔ |
Suspicious File Detonation | – | ✔ | ✔ |
BIOS Setup/UEFI Firmware Threat Protection | – | ✔ | ✔ |
Threat Hunting Console | ✔ | ✔ | ✔ |
Full Malware Detonation Reports with Deep IOCs and Analytical Evidence | – | ✔ | ✔ |
Threat attribution | – | ✔ | ✔ |
Group-IB Cloud-to-Ground Tunneling® Technology to improve detonation | – | ✔ | ✔ |
Group-IB VM Morphing® Technology | – | ✔ | ✔ |
Flexible Automated Environment Adaptation | – | ✔ | ✔ |
Features | Standard | Pro | Enterprise |
---|---|---|---|
Antivirus protection | ✔ | ✔ | ✔ |
Spam filtering | ✔ | ✔ | ✔ |
Policy-based content filtering | ✔ | ✔ | ✔ |
Email history and logs | 14 Days | 30 Days | 60 Days |
Malicious email blocking | ✔ | ✔ | ✔ |
Malware & Links Detonation (sandbox) | – | ✔ | ✔ |
Full Malware Detonation reports with deep IOCs and analytical evidence | – | ✔ | ✔ |
Threat attribution | – | ✔ | ✔ |
Group-IB Cloud-to-Ground Tunneling Technology to improve detonation | – | – | ✔ |
Group-IB VM Morphing Technology | – | – | ✔ |
Flexible Automated Environment Adaptation | – | – | ✔ |
On-prem availability | – | ✔ | ✔ |
XDR – Extended Detection and Response
Features | Standard | Pro | Enterprise |
---|---|---|---|
XDR Correlation | ✔ | ✔ | ✔ |
Consolidated Data lake across Telemetry | ✔ | ✔ | ✔ |
Incident management | ✔ | ✔ | ✔ |
Integrated Threat Intelligence | ✔ | ✔ | ✔ |
Single Incident Response Console | ✔ | ✔ | ✔ |
TI Graph View | – | ✔ | ✔ |
Upload Suspicious file for Detonation | – | ✔ | ✔ |
Interactive Sandbox Environment | – | – | ✔ |
Support | 8×5 Messaging & email | 24×7 Phone & Chat & email | 24×7 Phone & Chat & email |
API | – | ✔ | ✔ |
EDR – Endpoint Protect and Response
Features | Standard | Pro | Enterprise |
---|---|---|---|
Endpoint Forensics Data Retention for Threat Hunting | 7 Days | 14 Days | 30 Days |
Forensics Evidence Collection | ✔ | ✔ | ✔ |
Streamlined response | ✔ | ✔ | ✔ |
Indicators of Compromise Collection | ✔ | ✔ | ✔ |
Asset Inventory | ✔ | ✔ | ✔ |
Application Allow and Deny list | ✔ | ✔ | ✔ |
Suspicious File Detonation | – | ✔ | ✔ |
BIOS Setup/UEFI Firmware Threat Protection | – | – | Coming |
BEP – Business Email Protection
Features | Standard | Pro | Enterprise |
---|---|---|---|
Antivirus protection (Cloud Only) | ✔ | ✔ | ✔ |
Spam filtering (Cloud Only) | ✔ | ✔ | ✔ |
Policy-based content filtering (Cloud Only) | ✔ | ✔ | ✔ |
Email history and logs | 14 Days | 30 Days | 60 Days |
Malicious email blocking | ✔ | ✔ | ✔ |
Malware & Links Detonation (sandbox) | – | ✔ | ✔ |
Full Malware Detonation reports with deep IOCs and analytical evidence | – | ✔ | ✔ |
Threat attribution | – | ✔ | ✔ |
Group-IB Cloud-to-Ground Tunneling Technology to improve detonation | – | – | ✔ |
Group-IB VM Morphing Technology | – | – | ✔ |
Flexible Automated Environment Adaptation | – | – | ✔ |
On-prem availability | – | ✔ | ✔ |
NTA – Network Traffic Analysis
Features | Standard | Pro | Enterprise |
---|---|---|---|
Network Traffic history and logs | 14 Days | 30 Days | 60 Days |
NTA Virtual Appliances | 1 | 10 | 30 |
Full NTA Functionality | ✔ | ✔ | ✔ |
Network File Intercept and Detonation | – | ✔ | ✔ |
Malware Detonation Platform (Sandbox)
Features | Standard | Pro | Enterprise |
---|---|---|---|
Threat attribution powered by Group-IB Threat Intelligence | – | ✔ | ✔ |
Group-IB Cloud-to-Ground Tunneling Technology to improve detonation | – | – | ✔ |
Flexible Automated Environment Adaptation | – | – | ✔ |
Attack Surface Management
Features | Standard | Pro | Enterprise |
---|---|---|---|
Flexible Automated Environment Adaptation | – | Option | Included |