Security Stack Logo
Sekoia Intelligence logo

Threat Intelligence

Sekoia Intelligence

Structured CTI for SOC and strategic teams with contextualized threat intelligence feeds.

Cyberthreat Intelligence Technologies

Sekoia Intelligence Overview

What it does

Sekoia Intelligence provides structured, contextualized cyber threat intelligence from the Threat Detection & Research (TDR) team, established in 2020 with approximately 20 analysts from backgrounds including France's Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI), French Interior and Defense ministries, F-Secure, Thales, and Kaspersky, specializing in detection engineering, threat hunting, reverse engineering, geopolitical analysis, Open-Source Intelligence (OSINT), and dark web monitoring. The platform's database is continuously updated through Structured Threat Information Expression (STIX) 2.1 modeling from hundreds of qualified intelligence sources, delivering actionable intelligence for both strategic decision-making and Security Operations Center (SOC) operations with reduced false positives and team fatigue.

How it works

The platform delivers predictive capabilities with 50 percent of intelligence available before attackers use associated tools, detecting 4 million threats in 2024 with 25 percent identified automatically through Artificial Intelligence (AI) including agent-based AI that learns organizational security postures. Sekoia Intelligence features customizable dashboards with sector, threat typology, and geographical filters, integrates via Application Programming Interface (API) with Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), and eXtended Detection and Response (XDR) platforms, and provides 900+ Sigma detection rules to identify Tactics, Techniques, and Procedures (TTPs) exploited by adversaries.

Credentials and traction

Sekoia Intelligence is ISO/IEC 27001:2022 certified and holds SOC 2 Type I and PCI DSS attestations, with GDPR, NIS2, and DORA compliance. Sekoia was named a Leader in the Frost & Sullivan Frost Radar: Extended Detection and Response in 2024. It is used by SOC teams at organizations including NATO, EDF, and URSSAF, and serves more than 2,000 organizations worldwide.

Key Capabilities

mapped to solution categories
Cyberthreat Intelligence Technologies

Provides an interactive portal with contextualized dashboards, configurable alerting, search and built-in analysis.

Provides comprehensive indicators of compromise such as IPs, URLs, domains and file hashes with maliciousness ratings and enrichments like geolocation and TTPs.

Delivers tailored vulnerability and exposure intelligence highlighting actively exploited vulnerabilities with associated IoCs, TTPs and threat actors.

Supports machine-to-machine integration via JSON, APIs and STIX or TAXII, with sharing across private and public communities such as ISACs.

Auto-generates detection rules and syntax for SIEM, firewalls, IPS or IDS and EDR.

Produces finished intelligence reports at technical, operational and strategic levels.

Enriches intelligence with external telemetry such as passive DNS, sinkhole traffic and global sensor networks.

Ingests and shares intelligence via STIX/TAXII and other machine-to-machine formats and APIs.

Aggregates indicators from multiple sources into comprehensive, deduplicated coverage.

Profiles threat actors with associated TTPs and attribution context.

Compliance

certifications
GDPRISO/IEC 27001:2022NIS2 DirectivePCI DSSSOC 2 Type I

Integrations

compatible tools
Cortex XSOARMicrosoft SentinelOpenCTISplunkSplunk SOARSwimlane Turbine

Implementation & support

Deployment model
CloudSaaS
Pricing structure
Custom / EnterpriseSubscription
Support channels
24/7 SupportCustomer Success TeamDocumentationEmail SupportTechnical Account Manager (TAM)Training / Academy

Info last updated on May 28, 2026

Vendors

Is this your product?

Claim your profile to connect with the teams looking for your solutions.

Security Stack Logo

The curated research platform for enterprise cybersecurity solutions.

All product and company names, logos, and brands are property of their respective owners and are used on this website for identification purposes only. Security Stack does not endorse any vendor, product, or service listed, and makes no warranties, express or implied, as to the accuracy or completeness of this content, including any warranties of merchantability or fitness for a particular purpose.

© 2026 Security Stack. All rights reserved.