Sekoia combines XDR with cyber intelligence

Born from the separation of the consulting and solutions activities of the company Sekoia, which specializes in the fight against cyber threats and intelligence, Sekoia.io is gaining momentum. From XDR to real-time detection supported by an AI engine, the platform also features SecNumCloud-qualified hosting to stand out from the crowd.

In the crowded French cybersecurity market, Sekoia occupies an original place. Positioned in cyber consulting since its inception in 2008, the company did not offer real threat intelligence software prior to its 2015 acquisition of Rennes-based start-up inThreat. Founded by David Bizeul, this was a new beginning for Sekoia, which decided to split its activities in mid-2022: on one side, OWN Security for services; on the other, Sekoia, which bundles XDR and threat intelligence components into its Sekoia.IO offering.

Having previously developed the CERT for Société Générale in 2010 and the one for Airbus in 2012, David Bizeul has experience in the field of fighting cybercrime, which has largely contributed to changing Sekoia’s positioning. “I experienced what is happening on the espionage side, whose stakes are very different from those of cybersecurity, and I realized that threat modeling is not an end in itself and that it is first necessary to put in place good rules of knowledge about this threat”, explains David Bizeul, co-founder of Sekoia and deputy CEO of OWN Security.

A platform hosted on OVH’s SecNumCloud-qualified cloud

Available in SaaS, Sekoia.IO is capable of detecting and monitoring threats on both networks and workstations, with or without agents. “For the infrastructures and the cloud, the platform works via interconnection and API communication, while an agent is used for observation on the workstations”, says Georges Bossert, technical director of Sekoia.IO. Many companies stack their cybersecurity solutions like the tiers of a cake. Does this mean yet another solution on top? “We don’t see Sekoia.IO as a solution that will cover other tasks performed by the cybernetic solutions already installed, but rather it will provide additional information that the others do not offer”, emphasizes Georges Bossert. The CTO goes on to highlight several differentiators, starting with the platform’s 3 threat detection engines: intelligence and source validation, correlation and multi-event reconciliation, and machine learning to identify, for example, attackers using legitimate tools.

“We leverage intelligence to feed and explain threat detections,” says Georges Bossert. “The attacks are not very heterogeneous but very dense, it is necessary to invest a lot in monitoring groups of attackers and in detecting data flows and hunting threats”. Sekoia builds on all of its building blocks, from XDR to the remediation engine, including real-time threat detection, the portal, and cross-analyst messaging and collaboration services. The provider also addresses the challenges of a reliable cloud with an infrastructure hosted in France at OVH in its Hosted Private Cloud offer. “We are not limited to France only, we are part of an international development and we also use AWS, Azure and Oracle clouds”, adds Georges Bossert. “We defend all types of environments, even the less technical ones”.

Suez, L’Oreal and Crédit Mutuel Arkea among the 200 clients

Sekoia’s team of 18 analysts, based mainly in Rennes (but with some full-time telecommuters), has varied profiles spanning IT security, strategy and international relations. Among them are former analysts from ANSSI, Kaspersky, F-Secure… Also note the presence of a Russian-speaking collaborator, who provides valuable assistance in the fight against threats from APT groups from Russia and is very relevant to Cyber Threat Intelligence (CTI). “Our activities range from XDR to threat detection using CTI and we also work with Capgemini’s SOCs, Synetis…”, says Nicolas Caproni, head of the TDR team at Sekoia.

Launched in 2019, just before the COVID crisis, Sekoia.IO was very well received by companies, which contributed a lot to its development by getting involved in the creation of the platform as beta testers. “We relied on word of mouth from early customers and partners we knew to develop the offering before launching it commercially after 2020,” says David Bizeul. “Unlike other publishers, our business did not fall during the pandemic, quite the contrary. Companies that had incident detection and response projects did not cancel them.” So far, Sekoia.IO is used by 200 clients, mainly medium and large companies (Suez, L’Oreal, Crédit Mutuel Arkea…), and has a 100% indirect sales model through a network of resellers and MSSPs. For 2023, the group wants to accelerate its international development, namely in Europe (Spain, Portugal, Germany, Holland, Switzerland, etc.). While the company is discreet about its turnover, it points to profitability in 2025.
