Seceon has a long history of innovating our cybersecurity platform and its powerful detection and response capabilities. Seceon was founded in 2015 and since then has been recognized globally for its highly efficient architecture and mission to ingest telemetry from the widest number of attack surfaces and provide the highest level of correlation and situational awareness in the industry.
In fact, in Gartner’s late 2019 report, Emerging Technology Analysis: Machine Learning Log Analysis Disrupts Traditional SIEM Buying Models by Eric Ahlm, Seceon and others were recognized for “Use of data modeling to detect threats created from enhanced or enriched log data gathered from internal sources and external sources.”
Since then, Machine Learning has taken the world by storm, and Seceon has greatly improved our models and applied them to cloud environments, including containers, databases, applications, and endpoints.
2023 saw Seceon release several new products, including:
The platform itself has been improving and got a great boost when Seceon acquired Helixera, a real-time big data analytics company, and the Helixera Pattern Scanning Engine, which makes it possible to analyze data in a distributed manner at locations that were not previously viable. It brings real-time scanning to distributed devices at the edge and enables instant responses to any malicious or configurable posture.
Seceon has long had the industry’s best correlation and situational awareness capabilities for the teams that choose to dive deep in the platform and ingest telemetry from all attack surfaces. This year Seceon added an improved heuristic to support an industry-first correlation of connected and disconnected assets. They can now be correlated automatically. These assets now contribute to the Seceon DTM (Dynamic Threat Models) for alert detection. The speed and accuracy of proactive threat detection improve SOC efficiency multi-fold.
Multi-Tenant and Multi-Tier – 2023 also saw a major improvement in the user experience and support for our MSP/MSSP partners, resellers, distributors, and IT teams that have distributed and separate teams focused on securing multiple entities. First introduced by Seceon in 2019, this year major improvements were made to support these use cases, including bandwidth and productivity optimizations, all based on feedback from our partners and users.
The EDR (Endpoint Detection and Response) system has undergone a redesign, incorporating horizontal scaling for improved performance and enhanced detection capabilities. With this overhaul, the system is now equipped to scale horizontally, ensuring better efficiency in handling increased workloads. The redesign specifically focuses on optimizing performance metrics and bolstering the system’s detection capabilities, making it more responsive and robust. Altogether, these enhancements contribute to a more powerful and efficient EDR system.
There was also a significant investment in our data centers to support a more sophisticated availability and disaster recovery architecture across our software and infrastructure, enabling five-nines availability.
The Seceon UI & UX team was active not just on the new products listed above and backend improvements, but also made significant improvements to the Seceon platform user experience. Many of the requests they addressed were submitted by partners, customers, and their users.
UX With Improved Responsiveness
Enhancements have been made to improve the UI performance for systems with lower bandwidth. These optimizations aim to provide a smoother and more responsive user interface experience, particularly in situations where bandwidth is limited. The improvements focus on ensuring optimal usability and performance in low-bandwidth environments.
New! Add-On Store
A new integrated marketplace within the platform provides a comprehensive overview of both included and licensed features offered by the product. This centralized hub offers a holistic view of all available features and is categorized for easy searching. Users on both the MSP/MSSP and Tenant sides can conveniently access this marketplace, which also includes user-friendly links for easy installation.
New! Ingestion Device Inventory
In response to customer requirements, a new screen titled “Ingestion Device Inventory” has been introduced to provide insights into data ingestion statistics. This new screen caters specifically to the customer’s need for comprehensive information on the devices involved in data ingestion. The new screen serves as a dedicated tool for monitoring and analyzing data ingestion statistics in a user-friendly format.
New! Collection Health Monitoring
To assess the health of CCE, we’ve implemented a feature called “Collection Health Monitoring,” allowing users to view statistics for each CCE individually. It serves as a centralized platform for monitoring the health information of all CCE instances.
Collector-Control
Utilizing a token-based system, sensor registration is facilitated with complete control. This mechanism ensures a secure and streamlined process, allowing for efficient management and configuration of sensors. The token-based approach enhances security measures, providing a reliable means of authorizing and controlling sensor registration. Overall, it offers a robust solution for overseeing and administering the deployment of sensors in a system.
UDA & TTI For MSSP
Addressing customer input, UDA (User Defined Alerts) and TTI (Trusted Threat Indicators) screens have been integrated on the MSP/MSSP view to enhance access to all tenants. Moving forward, users will have the capability to select multiple tenants simultaneously for both screens.
Auto-Remediation
Auto-remediation capabilities have been revamped to accommodate multiple cloud providers seamlessly. This redesign ensures that the system can efficiently address issues across various cloud platforms. The enhanced auto-remediation functionality promotes a unified and adaptable approach to remedial actions in diverse cloud environments.
Network-Policies UX
Network policies have undergone a redesign to enhance comprehension and provide advanced support, allowing users to easily enable or disable any policy with a single click. This overhaul offers users a clearer understanding of network policies while introducing more sophisticated features to cater to diverse and complex requirements. The redesigned network policies are geared towards providing a more user-friendly experience and facilitating advanced functionalities for robust network management and control.
Remediator
The Remediator Configuration has been revamped to improve understanding and streamline information gathering. The updated design now provides a simplified process, allowing users to check the status and connection of tests with a single click. This improvement aims to offer a more user-friendly experience and efficient management of Remediator configurations, ensuring ease of use and accessibility.
LTS
LTS (Long-Term Storage) has been redesigned to support configuring multiple clients with diverse storage type options. This redesign ensures the flexibility of the LTS system to cater to various client configurations while offering a range of storage choices. The enhanced LTS configuration now provides seamless support for multiple clients, each with distinct storage preferences.
Built-in Dashboard customization
Users have been thrilled that we have now added the capability to customize the built-in dashboard, including the option to drill down for more detailed insights. This enhancement provides users with greater control and flexibility in tailoring their dashboard experience with custom capabilities.
Deep-Tracker
The Deep Tracker has been redesigned to provide consolidated information about both logs and flows, offering a centralized location for comprehensive threat details. This integration allows users to efficiently gather insights into both types of threat data, streamlining the threat-hunting process. By presenting information about logs and flows together, the redesigned Deep Tracker enhances the effectiveness of threat detection and analysis. On special request, we have added the JSON view and tabular view to see the detailed data information.
MTMT (Multi-Tenant Management Tool)
The MTMT UX and UI have undergone a redesign to improve the user experience and enhance its capabilities for handling multiple MSPs/MSSPs. The redesign brief was to create a more intuitive and user-friendly feel and introduce advanced features to efficiently manage multiple MSP/MSSP instances. The enhanced MTMT now offers a smoother and more responsive user interface, contributing to an overall improved user experience. Additionally, the upgraded capabilities empower the tool to effectively handle the complexities associated with managing multiple MSSPs.
In August 2023, Seceon marked a strategic milestone by successfully acquiring Helixera, a prominent cybersecurity company. As part of this acquisition, the founder of Helixera joined Seceon’s esteemed Customer Success Engineering team, infusing our operations with a wealth of expertise in cybersecurity, networking, and customer service.
This move helped to fortify Seceon’s commitment to providing unparalleled support to our expanding customer base. In response to the rapid growth, we promptly adapted and refined our customer support operations, encompassing both pre-sales and post-sales activities. Concurrently, we undertook a comprehensive overhaul of our internal processes, resulting in a steady enhancement of our Customer Experience Service Level Agreements (SLAs).
The burgeoning customer base also spurred a noteworthy expansion of Seceon’s Security Operation Center (SOC) facility. This strategic development reinforced our commitment to cybersecurity excellence and empowered our SOC customers with the requisite protection and monitoring capabilities they demand. The cumulative effect of these initiatives has positioned Seceon as a leader in the dynamic landscape of cybersecurity, poised for sustained growth and innovation.
Integrations are the lifeblood of any organization today, and powerful APIs give cybersecurity platforms and teams greater context and give our partners and customers greater value from their existing tools.
Seceon has three primary types of integrations: log/flow/event/alert ingestion, helpdesk/ticketing/ITSM/alert integration, and response integration for blocking, stopping or quarantining of malicious attacks. You can also view a complete list of Seceon’s integrations and connectors.
Major new or updated integrations in 2023 include:
Did you meet Seceon in person this year?
We were at RSA 2023, TechNet Cyber 2023, IDC South Africa CIO Summit 2023, Tribal Net, DattoCon, ITNation 2023, ChannelPartners Europe, GITEX, and Black Hat Middle East and Africa. We were also at AISS2023 – DSCI, NCBS 2023, Nullcon Goa 2023, ICDSS 2023, 27th Annual Conference 2023 ISACA Mumbai Chapter, ISACA Hyderabad Chapter, and CyberX India Summit – Bangalore. We also attended numerous partner sales kickoffs and other events.
2023 also saw a giant leap forward in our Support and Partner portals. Built on the leading SaaS platform, these new portals feature a modern, intuitive interface to submit and track tickets, review knowledgebase articles, and read tutorials. The partner marketing team also updated all content and created new content for our partners to use across their sales and marketing programs.
We love hearing from our partners and customers and getting their feature, report, and integration requests, as well as their suggestions for user interface and user experience improvements. We rank all requests and, when needed, conduct interviews and surveys to ensure that we build what is needed. Many requests make their way into the sprints, and a good majority of them eventually become available to our partners and customers.
We look forward to continuing our pace of innovation and the support of our partners and customers as they grow in 2024. If you have not gotten a demo lately of anything mentioned here, you can always join our weekly live demo or schedule your own 1:1 demo.