Sekoia

🧠 SEKOIA.IO

SEKOIA.IO is a European cybersecurity platform offering advanced threat detection, threat intelligence, and SOC automation capabilities. It is designed to help organizations detect, investigate, and respond to cyber threats efficiently.


πŸ” Overview

  • Type: Cyber Threat Intelligence & Detection-as-a-Service
  • Headquarters: France 🇫🇷
  • Focus:
    • Threat Intelligence
    • Security Information and Event Management (SIEM)
    • Threat Detection & Response (TDR)
    • SOC Automation

🧠 Core Offerings

SEKOIA.IO CTI (Cyber Threat Intelligence)

  • Premium curated threat intelligence feeds
  • Covers APTs, malware, infrastructure, IOCs, TTPs
  • Mapped to MITRE ATT&CK framework
  • Real-time & historical intelligence

πŸ›‘οΈ SEKOIA.IO XDR (Extended Detection & Response)

  • Cloud-native detection engine
  • Analyzes logs and telemetry from endpoints, cloud, network
  • Prebuilt & custom detection rules
  • MITRE ATT&CK correlation engine

βš™οΈ SEKOIA.IO TDR Platform

  • Central hub for threat detection, analysis, and response
  • Integrates with SIEMs, EDRs, firewalls, proxies, etc.
  • Enrichment, contextualization, and automated triage
  • Graph-based attack investigation

πŸ” Playbooks & Automation

  • Visual no-code playbook builder
  • Automate triage, enrichment, escalation, and remediation steps
  • Compatible with popular SOAR workflows

🚨 Use Cases

  • Threat hunting and intelligence-led detection
  • Automation of SOC operations
  • Detection of advanced persistent threats (APTs)
  • Enrichment and contextualization of alerts
  • MITRE ATT&CK-based threat modeling

πŸ” Integrations

  • EDRs: CrowdStrike, SentinelOne, Microsoft Defender
  • SIEM: Splunk, Elastic, QRadar, etc.
  • Firewalls: Fortinet, Palo Alto, Check Point
  • Ticketing: TheHive, Jira, ServiceNow
  • Cloud: AWS, Azure, GCP

📊 Intelligence Portal

  • IOC lookup and enrichment
  • Actor profiles and campaigns
  • TTP and malware tracking
  • API and STIX/TAXII support

📚 Resources


🧪 Licensing & Deployment

  • Cloud-native SaaS platform
  • APIs available for custom integrations
  • Licensing per log source or endpoint volume
  • Free trial available for CTI

  • MITRE ATT&CK
  • Threat Intelligence
  • SOC Automation
  • SIEM
  • XDR
  • SOAR
  • EDR Integration

🏷️ Tags

#sekoia
#threatintelligence
#cti
#xdr
#tdr
#socautomation
#cybersecurity
#mitreatt&ck
#soar
#siem
#loganalysis
#ioc