SEKOIA.IO CTI is a mix of exclusive SEKOIA.IO threat Intelligence data (coming from C2 trackers, VT trackers, honeypots etc. ) and refined OSINT data (URLhaus, ThreatFox, etc.).

The threat intelligence offered by SEKOIA.IO CTI is :

• highly structured : all the data are modelized in STIX 2.1 format (SEKOIA.IO is a member of the OASIS CTI committee which is in charge of the evolution of the STIX format)
• fully contextualized : the SEKOIA.IO CTI data is linked together to understand why an indicator is relevant (which threat actor uses it, what is the linked malware etc.)
• built for detection purpose : the SEKOIA.IO CTI data is produced to be used for detection purpose (very few false positives)

What SEKOIA.IO CTI includes :

• A contextualized IoCs feed (YARA rules included) coming from open source intelligence and SEKOIA exclusive sources
• Modelization and enrichment of selected reports coming from the SEKOIA OSINT watch
• SEKOIA FLINT (Flash Intelligence) reports (in English, ponctual)
• Threat actors and malwares identity cards

The subscription to SEKOIA.IO CTI allows :

• A full access to the whole CTI database
• An unlimited number of user accounts for the web access
• An API access without thresholds
• An access to all existing connectors
• An access to the Support and Customer Success teams