Sold by: SEKOIA.IO
The threat intelligence produced by Sekoia.io is contextualized, exploitable and accurate.
Overview
Sekoia Intelligence (CTI) is a mix of exclusive Sekoia threat Intelligence data (coming from C2 trackers, VT trackers, honeypots etc. ) and refined OSINT data (URLhaus, ThreatFox, etc.).
The threat intelligence offered by Sekoia Intelligence is :
- highly structured : all the data are modelized in STIX 2.1 format (Sekoia.io is a member of the OASIS CTI committee which is in charge of the evolution of the STIX format)
- fully contextualized : the Sekoia Intelligence data is linked together to understand why an indicator is relevant (which threat actor uses it, what is the linked malware etc.)
- built for detection purpose : the Sekoia Intelligence data is produced to be used for detection purpose (very few false positives)
What Sekoia Intelligence includes :
- A contextualized IoCs feed (YARA rules included) coming from open source intelligence and SEKOIA exclusive sources
- Modelization and enrichment of selected reports coming from the Sekoia OSINT watch
- Sekoia FLINT (Flash Intelligence) reports (in English, ponctual)
- Threat actors and malwares identity cards
The subscription to Sekoia Intelligence allows :
- A full access to the whole CTI database
- An unlimited number of user accounts for the web access
- An API access without thresholds
- An access to all existing connectors
- An access to the Support and Customer Success teams
Highlights
- CTI highly structured
- CTI fully contextualized
- CTI built for detection purpose
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Resources
Support
Vendor support
SEKOIA.IO Support :
Software associated with this service
By Decyphertek
MISP is a professionally repackaged version of an open source Cyber Threat Intelligence Platform, enhanced with advanced security features and offered as a ready to deploy solution. While the core software remains open source, Decyphertek charges a fee for the added security enhancements and streamlined deployment process. This ensures users receive a secure, reliable, and enterprise grade solution without the complexities of manual setup.
By Torq
Torq is the AI SOC platform that combines agentic insights and automation so that enterprises can triage, investigate, and respond to actual risks, faster. Torq streamlines every step from alert through resolution. The platform analyzes your risk context to identify your biggest threats. Working alongside your SecOps staff, the Torq platform integrates with your security stack to facilitate containment and remediation workflows.
By Swimlane
Swimlane delivers automation for the entire security organization. Swimlane Turbine is the AI-enhanced, low-code security automation platform that unifies security teams, tools, and telemetry in-and-beyond the SOC into a single system of record to reduce process and data fatigue while quantifying business value and ensuring overall security effectiveness.
By Palo Alto Networks, Inc.
Cortex XSIAM is the automation-first platform for the modern SOC, harnessing the power of machine intelligence to radically improve security outcomes and transform security operations. XSIAM customers can consolidate multiple products into a single, coherent platform, cutting costs, improving analyst experience and productivity.