Platform

Built for analyst speed, not analyst headcount.

Seliq combines an AI triage engine, a structured query layer, and full workflow automation into a single platform your team can deploy — and trust — from day one.

AI Triage

Correlates, scores, and de-duplicates alerts before they reach your queue — so analysts work on what matters.

Multi-Tenant

One platform for your entire client base. Isolated data, unified ops — purpose-built for MSSPs.

Dashboards

Real-time SOC health metrics, SLA tracking, and analyst performance — all in one live view.

Queries

A powerful query language for hunting across logs, alerts, and enrichment data at any scale.

Reporting

Scheduled, branded client reports with executive summaries and raw data exports — zero manual effort.

Playbooks

Codify your runbooks as executable workflows. From detection to containment — automated end-to-end.

AI Triage

Stop triaging noise.
Start investigating threats.

Seliq's triage engine processes every incoming alert through a multi-stage ML pipeline — correlating signals, enriching context, and scoring severity — before a single analyst touches the queue.

  • Automatic deduplication and event correlation across sources
  • AI confidence scores with reasoning traces — no black boxes
  • Configurable suppression rules that learn from analyst feedback
  • Mean time to triage notoriously reduced in deployments
Alert Queue — Live 1,204 processed by AI
Sev Alert Conf. Action
CRIT

Lateral movement — DC01 → SRV-PROD-04

98%
HIGH

Suspicious PowerShell execution — WRK-112

91%
HIGH

Brute-force: 847 failed logins — vpn-gw

89%
MED

DNS beaconing detected — WORK-088

74%
LOW

Port scan from 10.0.4.12

61%
INFO

User login outside working hours

43%
Showing 6 of 1,204 alerts · AI suppressed 847 duplicates
Client Overview 34 clients · 2 SLA at risk

FinCorp EU

CRIT

12 open alerts

SLA at risk

HealthNet UK

HIGH

4 open alerts

SLA on track

RetailGroup SA

MED

1 open alerts

SLA on track

MfgCorp AS

OK

All clear

SLA on track

GovSector NL

HIGH

7 open alerts

SLA at risk

CloudBiz Inc

LOW

2 open alerts

SLA on track
Multi-Tenant

Operate 40 clients
with the focus of one.

Seliq's multi-tenant architecture was designed for MSSPs from the ground up — not bolted on. Complete data isolation, per-client policies, and a unified operator view that keeps your team in control without context-switching.

  • Hard-isolated data stores per tenant — no cross-contamination risk
  • Per-client severity thresholds, SLA windows, and escalation paths
  • Role-based access: assign analysts to specific client scopes
  • Unified operator view with drill-down into any client environment
Dashboards

SOC health, visible
at a glance.

Purpose-built operations dashboards that surface the metrics analysts and managers actually need — MTTD, MTTR, SLA compliance, queue depth, and analyst workload — without requiring BI tooling or custom queries.

  • Live queue depth and analyst assignment heatmaps
  • MTTD / MTTR trending with configurable rolling windows
  • SLA compliance indicators per client and severity tier
  • Exportable to PDF for internal and client-facing reviews
Incident Response Overview
Active Incident Count 90d
4
Open Incidents by Severity 90d
Critical
High
Medium
Incident Verdict Distribution 90d
Empty
True Positive
Incident Creation Trend 30d
0 1
04-1704-2304-2905-0505-1105-15
Incidents by Lifecycle Phase 30d
Containment
Eradication
Identification

Query Builder

Compose and run structured queries against your SOC data.

1 Data Source
2 Filters
3 Aggregation
4 Display

Select a data source to query.

🛡️

Alerts

Alert records — severity, status, verdict, assignee

🔥

Incidents

Incident records and lifecycle status

📋

Activity

All state-change events and analyst actions

🤖

AI Usage

Bedrock calls, token counts, and latency

Trigger Fires

Automation trigger execution history

Back Next
Queries

Hunt across your data
without limits.

Seliq's query layer gives analysts structured access to every alert, log line, and enrichment record in the platform. Write ad-hoc investigations, save them as scheduled detections, or chain them into playbook triggers.

  • Visual step-by-step builder — no SQL required
  • Query across alerts, incidents, activity logs, AI usage, and trigger history
  • Save queries as scheduled detections that fire alerts automatically
  • Full audit log — every query, every analyst, every result
Coming Soon

Client reports in one click,
not one afternoon.

Seliq will generate structured security reports directly from live operational data — executive summaries for CISOs, technical breakdowns for analysts, and compliance evidence for auditors. Scheduled, branded, and exportable without analyst involvement.

Scheduled weekly & monthly deliveryWhite-label templatesPDF & JSON exportExecutive and technical tiersCompliance evidence (ISO 27001, SOC 2)
Coming Soon

Runbooks that execute
themselves.

Encode your incident response procedures as Seliq playbooks — triggered automatically, executed deterministically, and audited completely. From the first enrichment step to the final ticket, zero manual overhead.

Event-driven triggersAccount lockout & IP blockEDR isolationJira & PagerDuty actionsConditional branching on AI risk scoreFull execution audit log
Coming Soon

Integrations

Native connectors for your existing stack — SIEM, EDR, ticketing, and identity. Deploy in minutes, not months.

Splunk
Sentinel
Elastic
CrowdStrike
SentinelOne
PagerDuty
Jira
ServiceNow

Don't see yours? Tell us what you need

Early Access

See it live in your environment.

We onboard a limited number of SOC and MSSP teams each month. Request early access and we'll reach out within 48 hours.

Request Early Access