SOC & CSIRT Response to Attacks & Threats based on attack defense graphs Evaluation Systems

Ruben Trapero
TNO Innovation for life

SOCCRATES aims to develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs), both those of individual organizations and those offered by Managed Security Service Providers (MSSPs). By using this platform, they will significantly improve their capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks. The platform contains innovative solutions for automated infrastructure modelling, improved attack detection, Cyber Threat Intelligence utilization, AI and machine learning based threat trend prediction, and automation using Attack Defence Graphs (ADG) and business impact modelling to aid human analysis and decision-making on the best course of action, enabling the execution of defensive actions at machine speed.

SOCCRATES’ goal is to integrate the solutions developed and tested in the project into COTS products that SOCCRATES partners and others exploit to support their customers.

Our role

Atos coordinates work package 6, leading the implementation of the security orchestrator, the security frontend and the integration activities. Atos also contributes Machine Learning based incident detection mechanisms.

Related News & Events

AI Based Attack Detection

In recent years it has become extremely difficult to support the role of SOC analysts, who need to monitor and inspect an extremely large volume of events.

NG-SOC 2020

The NG-SOC 2020 workshop aimed at creating a forum for researchers and practitioners to discuss the challenges associated with SOC operations and focusing on research contributions that can be appl