TL;DR : This blog post is not technical. It details security industry problems and explains why SEKOIA decided to rethink security with SEKOIA.IO. The result is the first Cybersecurity Platform as a Service, made for communities, simple for users and providing added value to editors and developers.
From its origin, SEKOIA has always been involved in security from different angles:
- we assist decision makers in taking the good directions, managing security project, defining rules…
- we deal with offensive and defensive missions for our customers from basics to the most complex
- we create innovative solutions when we think something makes sense for the community
In 10 years, we have been convinced that there are 10 security concerns in security:
- digital transformation will continue up to a global transformation
- security world is changing
- attacks will continue
- expertise is missing
- market is complex
- many solutions are not reliable
- many products are expensive silos
- community sharing is necessary to make things works
- most workflows are poor
- automation is necessary
Ten obvious you think?
But have you ever seen the slightest way to answer these issues?
Progressively we designed what should be the solution to all these problems.
It took us time and efforts to establish the complete picture of what this solution could be.
Once established, the result would be a game changer for security, both on technical side and on user experience.
As there’s no magic wand, we decided to invest all our energy in this project. This was two years ago…
Welcome to SEKOIA.IO!
SEKOIA.IO has been designed to answer the ten security concerns as a whole.
Let’s take time to detail each of them and how SEKOIA.IO brings the answer:
1 – Digital transformation will continue up to a global transformation
There is a high focus in the media, in the top management spheres, in the investment circles? Everything turns around digital transformation. Every industry now thinks about connected devices, business automation, added value services above core business activities. The trend will probably continue until major groups have created a sufficient ecosystem around their own brand.
In SEKOIA.IO, we use every techniques that have been proved to be interesting in some way to go with digital transformation:
- Tokenization to allow access when necessary
- API everywhere to create flexible workflows
- Micro services to have a scalable and fine-grained backend
- Pervasive applications to bring the maximum added value of each solution
- A marketplace to easily chose what’s useful for the customer
2 – Security world is changing
If digital transformation is a real trend, what about security? Should our industry just observe what’s going around and be plugged at the end as an additional component in the chain? Of course not. Security industry needs to change; security industry will change. Some interesting initiatives already exist originating from individuals, groups or vendors. But what is the strategy to transform it into something valuable for everyone?
SEKOIA.IO is a Cybersecurity Platform as a Service. It is made to run security applications. In our environment, applications can interact with each other and to directly access a customer dataset when permissions are given. We provide SDK for internal apps, we provide REST/API for external apps. When hosted internally, apps get integrated storage, automatic scalability, automatic security and front-end templates.
3 – Attacks will continue
That’s an obvious statement, attacks will continue to occur sustained by cybercrime activities and state sponsored activities. Should companies consider they can avoid it all? Certainly not! But at least, the perspective to detect faster and react better should be a top priority for security departments.
SEKOIA.IO creates smart use cases to deal with attacks. A SIEM application triggers alerts for SOC team to detect weird things. The alert becomes an incident in an incident application made for CERT teams. Based on a threat intelligence application, the associated indicators are used to create a dedicated feed for security products.
4 – Expertise is missing
Studies say we might have 2M uncovered security jobs in 2020. Sic!
The only clever approach for companies is to accept to mutualize, to share, to tool up.
SEKOIA.IO is here to run security applications for your perimeter. These apps are available in simple mode to avoid having experts for every single security sub-domains. You can share part of your result dataset with the partners you want. You progressively tool up depending on your security needs and your budget.
5 – Market is complex
Google offers interesting perspective on “security industry landscape” search.
Let’s say it’s… complex.
Customers have to choose the right way to stuff their security in this complex landscape. It’ a hard task to understand what someone does and does not, to understand what’s behind a brochure, to get the pricing, to test….
SEKOIA.IO provides a marketplace to identify in a minute what an application can do. Applications are rated by real customers so that good applications are automatically preferred for what they are, not what they look like. Only one bill is established to the customer so that his purchase department have the job made easy.
6 – Many solutions are not reliable
Each month, we have to face data breach incidents coming from companies providing services to their customers. What was the cause of the leak? Insecure database, unapplied patches, web application vulnerabilities. 100% security does not exist but most of these failures could have been avoided.
In SEKOIA.IO, we make sure the access to the information is made with a community token. You cannot get access to information outside your community. The concept of in depth security is applied in the application architecture so that each software component cannot get access to more resources than what it needs.
7 – Many products are expensive silos
Vendors do not worry too much about global efficiency in the customer organization. Most of the time, you cannot interface with a specific product, or if you can, it’s your job to create the hooks to tie products together.
SEKOAI.IO automates the interactions between different solutions. Each application can send real time messages or receive real time messages on what they’re interested in. Each application can also search and get access to information based on security standards without having to connect on multiple applications
8 – Community sharing is necessary to make things work
Stronger Together, that means people get the maximum of efficiency when they can interact with others. If it makes sense to others too, the whole community leverages.
In SEKOIA.IO, a user is a member of one or several communities. As his company is a community, he automatically gets access to the information produced by his colleagues. Communities are defined by interest boundaries, be it a company, an organization, a research group…
9 – Most workflows are poor
A lot of examples exist where efficiency fails when:
- information is missing from step A to step B
- people do not speak the same business language and do not understand each other
- a relay, be it human or technical is used to establish the connection between multiple solutions
The workflow efficiency is a key point in SEKOIA.IO. Each application running on the platform is smart. That means it requires minimal efforts to interact with data stream circulating on the platform coming from other applications. At the end, the user experience is better and the organization workflow is improved.
10 – Automation is necessary
Back to the digital transformation and expertise scarcity. We cannot accept in 2018 to spend time on copy paste, use email as a central brain of the security department and waste expert time on stuff they’re not interested in.
In SEKOIA.IO, everything is made to be automated. Applications can automatically share information and get access to part of a customer dataset when they’re allowed to. A user can test an application and then activate it for the community, automatically it’s running without having to worry about anything else. Security people use their time on the application(s) they want and benefit automatically from the automation of other tools used by their community.
SEKOIA is a security engineering company, not a marketing company, we won’t claim SEKOIA.IO is finished, it’s not true, but it’s already available as a beta environment to sustain first applications.
To demonstrate the principles, these first applications will be branded by SEKOIA and will be released progressively during 2018. But keep in mind SEKOIA.IO is made for all contributors (vendors, freelancers, security researchers).
We want to change the world to make security great, finally!
SEKOIA.IO provides a better environment for security contributors and for security users.
The project might seem crazy (we have heard this several times) but this is real now.
In 2018, we’ll progressively release first applications, extend our user database, create new platform features.
We’ll keep you updated on our twitter account sekoia_io for new improvements, stay tuned!