SOC & CSIRT Response to Attacks & Threats based on attack defense graphs Evaluation Systems

Ruben Trapero
TNO Innovation for life
Funding Program
H2020

SOCCRATES aims to develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs), both those of individual organizations and those offered by Managed Security Service Providers (MSSPs). Using this platform, they will significantly improve their capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks. The platform contains innovative solutions for automated infrastructure modelling, improved attack detection, Cyber Threat Intelligence utilization, AI and machine learning based threat trend prediction, and automation using Attack Defence Graphs (ADG) and business impact modelling to aid human analysis and decision-making on the best course of action, enabling the execution of defensive actions at machine speed.

SOCCRATES’ goal is to integrate the solutions developed and tested in the project into COTS products that SOCCRATES partners and others exploit to serve their customers.

Our role

Atos coordinates work package 6, leading the implementation of the security orchestrator and security frontend as well as the integration activities. Atos also contributes machine learning based incident detection mechanisms.