Name/Tagline
Cyber Detection, Response and Collaboration

Description
The threat landscape has been increasing exponentially as the adoption of new technologies such as IoT, Big Data, Cloud computing are expanding the attack surface and cyber criminals are becoming more organized. We will develop, test, and validate two platforms that will support and enhance the detection and response capabilities of relevant entities, including private and national SOC’s, to fight against cyber threats that affect network and information systems across the European Union. The Detection and Response hub includes 4 main building blocks that will provide detection of malicious activities and incidents at network and host level using both traditional detection techniques and advanced AI-based detection. The platform should be fast and flexible and should provide SOC engineers with the needed info to efficiently detect, triage, investigate and respond to threats. The Threat Intelligence platform will provide SOC’s with critical info about threat actors and their TTPs, IoCs, improving collaboration, efficiency and proactivity in dealing with cyber-attacks. Threat Intelligence need to cover the entire attack surface and attack vectors, and organizations need to watch and hunt for threats specific to each industry. It is an integrated part of the SOC where threat intelligence feeds give actionable risk scorings and enable the detection of unknown threats before they reach the organization.

Responsible
Isabel Praça

Project Coordinator
–