SAFE ECCC

Security AI for Enhanced SOC

SAFE logo is just text SAFE The SAFE project aims to optimize CTI creation and analysis by developing enabling technologies for Security Operations Centers. To this effect, we will leverage the efforts underwent in CYDERCO project (DIGITALECCC-2022-CYBER-03-SOC). The scope of this evolution is to automate the initial steps in malware or forensic analysis as much as possible. This will empower the generation and distribution of original threat intelligence while engaging novel technologies such as AI in different areas. To enhance functional efficiency, we aim to harness AI in various cybersecurity domains such as incident response in the SAFE Battle Control Center or threat intelligence enrichment in the SAFE Distribution Threat Intelligence Platform modules. The SAFE Analysis Environment will detonate malware, submit samples of potentially malicious files for analysis, and feed output back into the other component(s). The proposed components will also make use of network-based response and data acquisition software to enhance the level of visibility into potential incidents on the supported assets.

INFALIA in SAFE
INFALIA leads the information extraction task has the aim to provide a list of various tasks, activities, actions performed by the detonated malware, through log analysis.

Call: DIGITAL-ECCC-2024-DEPLOY-CYBER-06
Budget: € 7.998.10,41
Topic: DIGITAL-ECCC-2024-DEPLOY-CYBER-06-ENABLINGTECH
Type of action: DIGITAL JU Simple Grants
Duration: Jan 2025 – Dec 2027