Showcasing our MSSP expertise with CTI and Sekoia SOC Platform


Client since: 2022

Satisfaction with Sekoia: 8/10

As a Managed Security Service Provider (MSSP), our 30-member team specializes in monitoring our clients’ information systems using XDR technology.


"Our collaboration with Sekoia can be summed up in one word: Great! Sekoia is a preferred partner for any organization looking to strengthen its security posture through a flexible approach, seamless integration, and exceptional customer support."
SOC Team Lead

Context & challenges

Our primary challenge lies in efficiently interconnecting tools and processes to provide optimal protection to our clients. We require a large catalog of integrations to minimize integration efforts and focus on delivering value to our clients.

Another significant challenge is maximizing the return on our investment in Threat Intelligence (CTI). How can we provide real added value to our clients while managing our costs effectively?

In addition, volume-based log billing offered by some vendors is problematic, especially for less mature customers who are unable to estimate their volume (EPS). This complicates budget management and can become a barrier to the adoption of robust security solutions.

Why Sekoia?

We chose the Sekoia SOC platform for several reasons. Firstly, the diversity of technologies integrated by Sekoia enables us to reduce our interconnection and integration efforts, which is a significant advantage for an MSSP.

In addition, the solution offers price predictability thanks to billing based on the number of assets rather than the volume of logs, making it easier for our customers to manage costs.

Finally, the native integration of CTI in Sekoia enables us to benefit from advanced threat detection, which has already proved its value on several occasions for our customers.

The Sekoia SOC platform stands out for its ability to meet the following specific challenges:

  • Ready-to-use integration catalog: We can quickly integrate multiple data sources and demonstrate the value of our offering from the Proof of Concept (POC) stage.
  • Native CTI integration: Detection rules incorporating CTI enable us to detect weak signals and anticipate threats proactively.
  • Transparent asset-based billing model: This predictable model is a true differentiator, especially for attracting new, less mature clients.
  • Hybrid MDR approach: The balance between standardization and customization perfectly meets our expectations (80% shared services, 20% bespoke).
  • Trusted SIEM approach: We systematically propose Sekoia to governmental clients. Having this European SIEM solution is a major asset to offer trusted services.

Benefits

The Sekoia SOC platform enables us to significantly enhance our clients’ security management:

  • Optimization of alert qualification and management
  • Comprehensive overview with integrated SIEM and CTI
  • Strengthened operational reactivity and efficiency
  • Cost predictability for our clients

Certified Sekoia training empowers our teams to better support our clients in platform usage and showcase our MSSP expertise.

We can also offer value-added services such as creating parsers and contextual rules to meet each client’s specific needs.

The team lead said, "Our collaboration with Sekoia has elevated our clients’ security level while showcasing our expertise. Sekoia’s integrated CTI impressed us from the start! The platform’s reliability and the team’s responsiveness are major assets for our success."

Use cases

Our primary use cases include continuous monitoring, alert management, detection rule adjustment, and guiding our clients in incident response.

We prioritize topics with visible impacts on the client, leveraging community Sigma and STIX rules and playbooks to optimize our interventions.

The ability to rapidly adapt defense strategies to new threats is essential to guarantee our customers’ security.

FAQ

What is a Managed Security Service Provider (MSSP)?

An MSSP is a third-party company that monitors and manages an organization's digital security. Today, many are evolving into Managed Detection and Response (MDR) providers to offer deeper threat hunting and faster incident containment.

What kind of support do MSSP/MDR partners receive?

We offer an established partner platform packed with technical resources, co-branded materials, and go-to-market tools to help you scale. Read about our partner program to learn more.

How does Sekoia support multi-tenant MSSP security operations?

The platform has built-in features to manage multiple communities from a single view. Through Sekoia Elevate, you can tailor the AI agent's context and memory for each specific sub-tenant. This lets the platform handle every customer’s unique environment and edge cases perfectly.

Can MSSPs use Sekoia with their customers’ existing security tools?

Yes, you can. Sekoia uses an open and extensible architecture to avoid vendor lock-in. It comes with over 300 integrations.

With Sekoia Reveal, you ingest data from existing tools like EDRs, CMDBs, IAM platforms, and vulnerability scanners. On the output side, Sekoia Intelligence feeds high-confidence threat data directly into your customers' SIEMs, SOARs, firewalls, or TIPs via native APIs and TAXII endpoints.