Security AI for Enhanced SOC
With threat actors proliferating at an unprecedented pace across verticals, threat intelligence sharing and situational awareness are paramount for swift detection and decision-making. The SAFE project aims to optimize CTI creation and analysis by developing enabling technologies for Security Operations Centers. To this effect, we will leverage the efforts undertaken in the CYDERCO project (DIGITAL-ECCC-2022-CYBER-03-SOC). The scope of this evolution is to automate the initial steps in malware or forensic analysis as much as possible. This will empower the generation and distribution of original threat intelligence while engaging novel technologies such as AI in different areas. To enhance functional efficiency, we aim to harness AI in various cybersecurity domains, such as incident response in the SAFE Battle Control Center or threat intelligence enrichment in the SAFE Distribution Threat Intelligence Platform modules. The SAFE Analysis Environment will detonate malware, submit samples of potentially malicious files for analysis, and feed output back into the other component(s). The proposed components will also make use of network-based response and data acquisition software to enhance the level of visibility into potential incidents on the supported assets.
Isabel Praça (ISEP)
Project Coordinator
01-01-2025 to 31-12-2027
Total Budget
GECAD Budget