About TDR Team

A multi-disciplinary and passionate team that provides threat intelligence, detection rules, threat analysis and shares findings to improve the Sekoia SOC platform.

Who we are

Established in 2020, the Threat Detection & Research team, commonly known as the TDR team, is the driving force behind the Sekoia SOC platform, delivering exclusive threat intelligence. This includes freshly contextualised Indicators of Compromise (IOCs) and high-quality threat reports. The team is also dedicated to creating detection materials through an extensive catalogue of Sigma, Sigma Correlation, and Anomaly rules.

The team’s threat intelligence analysts and researchers meticulously examine state-sponsored and cybercrime threats, providing a comprehensive perspective from the strategic to the technical level, in a relentless pursuit of tracking, hunting, and detecting adversaries.

Detection engineers concentrate on developing and maintaining high-quality detection rules, focusing on the tactics, techniques, and procedures (TTPs) most exploited by adversaries.

Threat Detection & Research by Sekoia.io

TDR analysts constantly share their findings with the community through research blogs, GitHub repositories, and our social media accounts (X and LinkedIn). They regularly present their work at international conferences like BotConf and Virus Bulletin.

People behind TDR

TDR analysts possess various hard skills, including threat intelligence, threat hunting, detection engineering, geopolitical analysis, OSINT & dark web, full-stack DevOps, and red teaming. They come from diverse backgrounds, having worked in private companies such as F-Secure, Thales, Kaspersky, Intrinsec, BNP Paribas, and public organisations like ANSSI (French cybersecurity agency) or the French ministries of Interior and Defense.

The TDR team covers 4 chapters of expertise

Strategic analysis

“We provide the strategic and geopolitical context around cyber threats to explain adversaries’ motivations and better understand the threat landscape.” 🎙️

Coline – Strategic Threat Intelligence analyst, Sekoia TDR

Threat tracking

“We develop our tools and methodologies to hunt new threats and proactively track known ones.” 🎙️

Félix – Principal Threat Intelligence Analyst & Lead APT researcher, Sekoia TDR

Detection & Hunting

“We develop high-quality Sigma rules to detect the most common TTPs and avoid false positives as far as possible.” 🎙️

Caroline – Detection Engineer, Sekoia TDR

Reverse engineering

“We analyse malicious code and malware to better understand, track and detect it, and thus protect our customers.” 🎙️

Pierre – Senior Reverse Engineer, Sekoia TDR

TDR team’s key priorities

  • Provide actionable intelligence: Deliver up-to-date, contextualized, and verified IoCs.
  • Focus on investigations: Invest in emerging threats and the most active current threats.
  • Enrich open-source publications: Offer exclusive indicators to our customers.
  • Create new detection rules: Enhance our Extended Detection and Response (XDR) capabilities to detect TTPs observed in the wild.
  • Contextualize everything: Employ Kill Chain, ATT&CK, STIX modelling, IOC lifetime, and more.
  • Share our research with high-quality private and public reports.

Increase your threat detection capability with the SEKOIA.IO SOC platform

What are FLINT reports?

FLINT reports are the FLash threat INTelligence reports by Sekoia, sharing research, investigations, and insights from both strategic and technical analysts.
With over 50 reports produced annually, they serve as a valuable resource in the cybersecurity landscape.

Connect with us!

Curious about our solutions or interested in a demo of our SOC platform?
Planning a cybersecurity project for your organization?
Let’s schedule a meeting to discuss your needs!