Cyber security stacks today often consist of two to three dozen SaaS tools – each with its own login, billing, GDPR assessment, and API. SecTepe.Comm takes a different approach: an integrated, fully self-hosted platform that bundles email security, threat intelligence, sandbox analysis, identity, SIEM, and backup under a single roof – operated in the EU, without hyperscaler dependency.
What Is SecTepe.Comm About?
SecTepe.Comm is the communication and security platform of the SecTepe suite. It combines classical communication (mail, messaging, video, telephony) with defense-in-depth building blocks: a mail security gateway with DLP, sandbox detonation for attachments, an integrated threat intelligence stack, single sign-on via Keycloak, SIEM via Wazuh, and a forensic archive with legally compliant retention.
The Architectural Idea in One Sentence
One platform, one identity provider, one audit trail, one hosting responsibility – instead of fifteen contractual partners with fifteen sub-processors. This not only lowers licensing and integration costs but makes compliance topics like NIS-2, GDPR, and ISO 27001 audits significantly more manageable.
The Building Blocks at a Glance
- Mail Security Gateway: Inbound and outbound filters with milter integration, ClamAV, YARA rules, LLM-based phishing/BEC classification, outbound DLP (data leak prevention), and four-eyes approval for high-risk releases.
- CAPE Sandbox: Automatic detonation of suspicious attachments in isolated Linux and Windows guests – including anti-evasion profiles for modern Office maldocs.
- CTI Stack: MISP, OpenCTI, YARA, and a custom Ransomware Intel service, including 30+ pre-configured OpenCTI connectors.
- Identity & Access: Keycloak as the central identity provider with OIDC, SAML, MFA, and an optional AD connector for hybrid environments.
- Security & SIEM: Wazuh for endpoint and log aggregation, OpenBao as secrets manager, Coraza WAF, Linkerd service mesh with automatic mTLS.
- Observability: Prometheus, Grafana, Loki, SigNoz – with ready-made dashboards for the mail pipeline, sandbox latency, and CTI sync success.
Who Is the Platform For?
The target audience is mid-market businesses and government agencies that want to combine three properties: real data sovereignty (no third-country access, no hyperscaler sub-processors), integrated security (instead of ten best-of-breed islands), and predictable total cost of ownership (no usage-based SaaS growth with per-mailbox or per-event pricing).
Particularly in focus: KRITIS- and NIS-2-relevant organizations, processors with high GDPR requirements, and companies that – following a cyber insurance policy – now have to introduce demonstrable technical measures.
Three Reasons Why Self-Hosted Is Coming Back Right Now
- Geopolitics & the Cloud Act: The US Cloud Act continues to allow authorities access to data of US providers – even with EU hosting. Self-hosted eliminates this question.
- SaaS Cost Explosion: Per-seat and usage-based models do not scale linearly with value delivered. A platform operated on-prem or with an EU hoster typically pays for itself in 12–24 months.
- Audit Obligations: NIS-2, DORA, ISO 27001:2022 explicitly require evidence of data flow, third-party risk, and incident response readiness. In-house platforms are significantly easier to audit.
What's Next?
Over the coming weeks several deep-dive posts on the individual building blocks will appear here – from outbound DLP through CAPE sandbox integration to NIS-2 readiness tools like audit log and alert rules. To see an overview in a live system: a demo can be scheduled at short notice.
Conclusion
SecTepe.Comm is not yet another product in an overcrowded security market, but an attempt to bring together the central tools of a modern security and communication stack in a sovereign, integrated, and auditable way. Anyone serious about data sovereignty in 2026 can hardly avoid a self-hosted strategy any longer – and those who already pursue one win above all one thing with an integrated platform: clarity.