A French-origin open XDR platform that combines SIEM, SOAR, and threat intelligence capabilities in a SaaS model. It ingests data from across the security stack and uses curated detection rules and CTI to detect and respond to advanced threats.

Sekoia.io is a French-origin open XDR platform delivered as SaaS, combining SIEM, SOAR, and cyber threat intelligence capabilities in a single environment. It is built around the concept of intelligence-led detection: its detection rules are directly mapped to MITRE ATT&CK techniques and enriched with CTI from Sekoia's own threat intelligence team, which tracks threat actors targeting European organizations in particular. The platform ingests data from across the security stack through a library of intake connectors, normalizes it using a common event format, and correlates it against detection rules and threat intelligence in real time. Sekoia.io's SOAR module allows teams to build automated response playbooks that execute across integrated tools, and its case management interface provides a structured workflow for analyst investigation and documentation.

Qevlar integrates with Sekoia.io to receive detections and to access the platform's threat intelligence context during investigations. The combination is particularly relevant for European organizations that benefit from Sekoia's CTI coverage of regional threat actors, as Qevlar can use that intelligence to enrich and contextualize the findings it surfaces automatically.