Skip to content

Sekoia Defend (XDR)

Sekoia Defend (XDR) is an eXtended Detection and Response platform that automates your SOC.

It allows you to easily integrate and analyze the events produced by your applications, endpoints, cloud and SaaS perimeters in real time, and we designed it with the sole purpose of protecting your assets from potential cyber threats.

Product Features

Collect

To defend your business, you need to know what's going on. Monitoring your assets is a prerequisite for their security. Sekoia.io is able to collect logs via various mechanisms, setting it up on your end is easy!

  1. Find out the supported ingestion methods.
  2. Take a look at our pre-defined Integrations' list that keeps growing to suit all of your needs.
  3. Configure your Intakes to collect your logs.
  4. Organize your intakes in Entities.
  5. Enrich your events with your Assets.

Detect

Sekoia.io combines Cyber Threat Intelligence, anomaly detection and advanced Threat detection scenarios to effectively detect attacks, intrusions and compromises. By design, Sekoia.io is built to protect your organization against the most aggressive and advanced threats.

  1. Discover the Rules Catalog.
  2. Create your own detection rules.

Investigate

Sekoia Defend (XDR) allows you to conduct investigations on malicious activities directly from an alert or by means of the event history. Case management makes it possible to reconcile alerts with each other and to document the associated analyzes and results.

  1. Review Security Alerts raised by Sekoia.io and investigate on their malicious activities.
  2. Hunt down the intruders with the Event History and its drill down capabilities.
  3. Use Case Management to centralize your observations on an incident and collaborate with other stake holders.

Automate

Automating your security improves your cybersecurity operations by consolidating your procedures. SOC Automation combines security tools, processes and people to accelerate the execution of your security responses while ensuring their repeatability and auditability.

  • Manage your Playbooks to automate your SOC.

Report

  • Review your Security with dedicated Dashboards or build your own control center.