Serenicity, the Swiss army knife for the cybersecurity of VSEs/SMEs

Fighting against security flaws and vulnerabilities is not an easy task. Especially when you are a VSE which often has no resources dedicated to cybersecurity and often relies on its only antivirus to protect its workstations. To help them in this delicate mission, many publishers are positioning themselves, such as Serenicty, for example. Launched in 2018 and located in Saint-Etienne (Auvergne Rhône-Alpes), this publisher has made it a point of honor to offer practical and easy-to-use services for non-IT populations.

“What we want to do is provide a level of security equivalent to the VSEs that the large groups can have”, sums up Cyrille Elsen, CIO of Serenicity. “We offer a clear indicator for measuring the rate of cyber-toxicity to help them very easily determine their level of exposure to risks”. To develop its offer, the company has filed several patents in the industrialization and qualification of threats, and agreements with the C3N and the judicial police have been signed to exchange indications of compromise.

Serenecity provides access via Control to various indicators including a real-time dashboard of the state of IS cybersecurity reported via the Detoxio module. (credit: Serenicity)

Detoxio and Probio offered in appliances or VM

The start-up thus offers several modules to cover many cybersecurity functions. The – very visual – tables of compromised network identifiers and IP addresses make it possible to react quickly to the risk of ransomware or rebound attacks: “We also automate the blocking rules in real time and we have developed our own IPS and IDS,” explains Cyrille Elsen. For the IPS part, the solution proposed by Serenicty is called Detoxio and comes as a cut between Internet access and computer equipment. On the IDS side, it is Probio that provides the service, which, according to Cyrille Elsen, functions as a “mini EDR”. The other bricks are Cleaner to remove malware and finally Cymealog. “It sits between the SIEM and the SOC and will look for threats in all the log elements”, specifies Cyrille Elsen.

Two supervision and alert solutions complete the offer: Cybermeteo (status of the cyber threat) and Control (cyber supervision and management). Detoxio and Probio are available both in the form of a hardware appliance (Shuttle), but these functions can also be encapsulated in a VM. Manufactured in China, these boxes are nevertheless assembled in France, knowing that all the software part is designed there on the basis of open source technological bricks developed to order. “We redeveloped a complete database management system from the Linux kernel,” continues Cyrille Elsen.

Before joining Serenicty in 2018, Cyrille Elsen was CIO of the Casino group. (credit: DR)

In terms of customers, the first references were recorded in 2019 with “accelerating” marketing with more than 250 customers including a telecom operator, law firms, pharmacies, chambers of commerce, funeral directors, etc. Operating on an indirect sales model, Serenicity relies in particular on a network of resellers and outsourcers, including Techonme. In terms of price, Serencity offers a first level of offer at €49 excl. VAT per month per station (€75 excl. VAT from 11 to 50 stations and €250 excl. €588, 900 and €3,000 excluding tax.