The integration of SEKOIA.IO into the ThreatQ platform offers public and privately owned businesses in Europe contextualised information about the threat.
Paris, 15 February 2021 – ThreatQuotient, the main innovative player in the security operations and threat information management market, and SEKOIA, the French deeptech specialist in anticipating cyber threats, have announced technological integration, with the availability of the SEKOIA.IO connector on the ThreatQ platform.
Contextualised, localised threat information
The two threat intelligence specialists have taken a basically similar approach since 2016: their common aim is to help businesses with their CTI strategy so they can use contextualised data. At the beginning of 2021 they have linked up, offering critical infrastructures and European SOCs the possibility of having a local database (markers, indicators of compromise and TTPs).
SEKOIA has an internal team of a dozen analysts in charge of manual research, context analysis and creating new trackers. It brings a European focus to highly qualified information on cyber threats for critical infrastructures and operators of vital importance (OIVs), targeted by ThreatQuotient.
SEKOIA’s data structure presents the activities of cybercriminal groups in a multifaceted way. This offers the capacity to anticipate and operationalise the cyber chain in ThreatQ for SOC managers or CERT directors and, at the same time, provides strategic information to help management teams make decisions.
Yann Le Borgne, European Technical Director at ThreatQuotient: “What really interested us about SEKOIA is the work they have done on information and the strong added value provided by their contextualisation work, particularly using FLINT strategic supports. SEKOIA’s strength also lies in the fact that threat information is created as the hackers advance, and is distributed in the feed even before any actual threat has been found.”
A strategic view of CTI allows real anticipation
One image provides a simplified representation of the strength of the SEKOIA.IO feed: a GPS tracker placed under a car. SEKOIA’s teams follow the slightest movements of groups of attackers as they advance and leave traces on the internet, allowing their movements to be captured in real-time. This collected information is distributed in the feed accessible to ThreatQuotient clients, which becomes an all-in-one tool reporting both technical and operational indicators.
The particular feature of this feed is that it allows both analysts and managers to consume threat intelligence for their own purposes. If agents know how to operationalise the information, they can even protect themselves before these indications become real threats.
David Bizeul, SEKOIA CTO: “We have designed SEKOIA threat intelligence to be both exhaustive and hyper-specific. Exhaustive because a very large part of the cyber news that we structure is modelled on data graphs, adding our own analyses. Specific because our trackers collect indicators associated with the attackers’ cutting-edge tools. ThreatQuotient has been able to integrate all this contextualised material brilliantly so that each client can interpret it depending on their needs.”
SEKOIA and ThreatQuotient are organising a webinar on 9 March 2021 at 10am to demonstrate the information drawn from recent ransomware attacks, such as Ryuk, Maze and Egregor.
ThreatQuotient’s mission is to improve the effectiveness and efficiency of security operations using a threat-focused platform. By integrating an organisation’s processes and technologies in a single security architecture, ThreatQuotient speeds up and simplifies research and cooperation within and between teams and tools, supporting their incident response and threat hunting, and using a threat intelligence platform. Thanks to automation, prioritisation and visual display, ThreatQuotient solutions reduce noise and highlight the priority threats so that limited resources can be better targeted and decisions confirmed. ThreatQuotient’s headquarters are in Reston, Virginia, with international operations in Europe and APAC. For more information: https://threatquotient.com.
SEKOIA is a French deeptech specialist in anticipating cyber threats set up in 2008. It offers a modern cybersecurity platform called SEKOIA.IO, which anticipates and detects threats and automates the correct responses.
Sold in SaaS mode since January 2020, SEKOIA.IO can be adapted to all technological environments. It detects and analyses around a billion events every month.
More than just a business, SEKOIA is a testbed for dealing with new forms of threat. It is proud of its European base and advocates the strength of the group as protection against cybercriminals to keep businesses on course. Today, SEKOIA has 90 employees and participates actively in the defensive security community in France and Europe. For more information: SEKOIA.IO.
ThreatQuotient – Marie Vasseur firstname.lastname@example.org 06 64 90 32 47
Alice Debiée email@example.com 06 62 14 46 93
SEKOIA – Justine Boiramier firstname.lastname@example.org 06 50 31 86 24