ESET announces integration with Sekoia

ESET and Sekoia announced a new integration between ESET PROTECT and Sekoia Defend to enhance endpoint security, enabling unified visibility, automated response workflows, and advanced threat detection using ESET telemetry and Sekoia’s CTI-powered Sigma rules. The partnership aims to streamline SOC operations by forwarding endpoint alerts for enriched correlation, faster incident resolution, and automated threat response actions.
ESET and Sekoia have partnered to integrate their cybersecurity platforms, combining ESET PROTECT’s endpoint protection with Sekoia Defend’s AI-driven detection capabilities. The integration allows ESET PROTECT to forward endpoint telemetry and alerts to Sekoia Defend, enabling enriched threat correlation, automated response workflows, and advanced detection logic. This synergy helps security operations centers (SOCs) resolve incidents faster by providing critical context and reducing alert fatigue.
The collaboration addresses challenges faced by security teams, such as isolated endpoint alerts and prolonged investigations due to fragmented data sources. By uniting ESET’s endpoint telemetry with Sekoia’s CTI-driven detection and automated response capabilities, analysts gain the tools needed to respond to threats efficiently.
The integration supports both cloud and on-prem ESET PROTECT deployments, forwarding data securely via JSON syslog to Sekoia Intake for processing. Within Sekoia Defend, events are normalized, enriched with threat intelligence (CTI), and processed through detection rules. Correlated alerts are escalated with full context, allowing SOC teams to investigate incidents and initiate automated responses through integrated playbooks and ESET PROTECT APIs. This reduces manual workload and accelerates threat mitigation.
Both companies emphasize their shared mission to simplify security operations while maintaining high visibility and protection. ESET’s focus on ease of use and interoperability aligns with Sekoia’s scalable AI SOC platform, reinforcing their commitment to an open security ecosystem. As European cybersecurity vendors, they also highlight the value of trusted, ‘Made in EU’ technologies for organizations prioritizing data sovereignty and compliance.
The integration is designed to alleviate pressure on SOC workflows by consolidating endpoint security and AI-driven detection into a coordinated system. By cutting through alert noise and automating responses, the partnership aims to help enterprises, SOCs, and managed security service providers (MSSPs) defend against sophisticated cyber threats more effectively.