Summary
Organisations in Europe face the difficult task of detecting and responding to increasing numbers of cyber-attacks and threats, given that their own ICT infrastructures are complex, constantly changing (e.g. by introduction of new technologies) and there is a shortage of qualified cybersecurity experts. There is a great need to drastically reduce the time to detect and respond to cyber-attacks, and to enable organisations to structurally stay ahead of the threat.
SOCCRATES will develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs), that will significantly improve an organisation’s capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks. The SOCCRATES Platform consists of an orchestrating function and a set of innovative components for automated infrastructure modelling, attack detection, cyber threat intelligence utilization, threat trend prediction, and automated analysis using attack defence graphs and business impact modelling to aid human analysis and decision making on response actions, and enable the execution of defensive actions at machine-speed.
The SOCCRATES platform will be implemented and deployed at two pilot environments with highly complex and diverse ICT environments and typical application scenarios: an organisation’s internal SOC, and a Managed Security Service Provider. The threat trend prediction component will be deployed at a third pilot environment at which large amount of malicious infrastructure data is collected and analysed. The aim is to exploit the SOCCRATES platform and its components in commercial products.
The SOCCRATES platform and innovative components enables organisations to improve the resilience of their infrastructures and increase productivity and efficiency at the SOC. SOCCRATES’s outcome contributes to a more secure cyberspace and strengthens competitiveness in the EU digital single market.
SOCCRATES will develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs), that will significantly improve an organisation’s capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks. The SOCCRATES Platform consists of an orchestrating function and a set of innovative components for automated infrastructure modelling, attack detection, cyber threat intelligence utilization, threat trend prediction, and automated analysis using attack defence graphs and business impact modelling to aid human analysis and decision making on response actions, and enable the execution of defensive actions at machine-speed.
The SOCCRATES platform will be implemented and deployed at two pilot environments with highly complex and diverse ICT environments and typical application scenarios: an organisation’s internal SOC, and a Managed Security Service Provider. The threat trend prediction component will be deployed at a third pilot environment at which large amount of malicious infrastructure data is collected and analysed. The aim is to exploit the SOCCRATES platform and its components in commercial products.
The SOCCRATES platform and innovative components enables organisations to improve the resilience of their infrastructures and increase productivity and efficiency at the SOC. SOCCRATES’s outcome contributes to a more secure cyberspace and strengthens competitiveness in the EU digital single market.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: | https://cordis.europa.eu/project/id/833481 |
Start date: | 01-09-2019 |
End date: | 31-10-2022 |
Total budget - Public funding: | 5 930 713,00 Euro - 4 996 588,00 Euro |
Cordis data
Original description
Organisations in Europe face the difficult task of detecting and responding to increasing numbers of cyber-attacks and threats, given that their own ICT infrastructures are complex, constantly changing (e.g. by introduction of new technologies) and there is a shortage of qualified cybersecurity experts. There is a great need to drastically reduce the time to detect and respond to cyber-attacks, and to enable organisations to structurally stay ahead of the threat.SOCCRATES will develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs), that will significantly improve an organisation’s capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks. The SOCCRATES Platform consists of an orchestrating function and a set of innovative components for automated infrastructure modelling, attack detection, cyber threat intelligence utilization, threat trend prediction, and automated analysis using attack defence graphs and business impact modelling to aid human analysis and decision making on response actions, and enable the execution of defensive actions at machine-speed.
The SOCCRATES platform will be implemented and deployed at two pilot environments with highly complex and diverse ICT environments and typical application scenarios: an organisation’s internal SOC, and a Managed Security Service Provider. The threat trend prediction component will be deployed at a third pilot environment at which large amount of malicious infrastructure data is collected and analysed. The aim is to exploit the SOCCRATES platform and its components in commercial products.
The SOCCRATES platform and innovative components enables organisations to improve the resilience of their infrastructures and increase productivity and efficiency at the SOC. SOCCRATES’s outcome contributes to a more secure cyberspace and strengthens competitiveness in the EU digital single market.
Status
CLOSEDCall topic
SU-ICT-01-2018Update Date
27-10-2022
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all