The EU is funding a project that aims to strengthen internal communication around cyber threats in Europe. Eviden will be the coordinator of this project.

Eviden will coordinate the new European CYDERCO project. The aim of this project is to improve the capabilities of Security Operations Centers (SOCs) within the European Union. The entire project will run for three years and will be partially financed by the European Cybersecurity Competence Center (ECCC). The EU’s goal is to develop a platform that optimizes detection and response to cyber threats.

Strong together

One of the weaknesses in cyber defense in the EU is currently the fragmented approach. There are no robust mechanisms to share critical attack and threat data across national borders. CYBERCO has to change that. The acronym CYDERCO stands for “Cyber ​​Detection, Response and Collaboration.” The project has four main objectives:

• Threat intelligence sharing: The project should enable secure data exchange and synchronization of events between different entities. Events and attributes can be automatically synchronized between different instances.
• Threat intelligence enrichment: The platform supports threat intelligence correlation to find and investigate relationships between different threat elements and attributes such as malware, attack campaigns and threat actors.
• Signaling support: There is an opportunity to alert other companies and authorities when an indicator is present in a system or network. This allows SOC teams to respond more proactively to cyberattacks.
• Fast distribution: The platform will support the rapid deployment of response capabilities, including the rapid distribution of Signatures new malware.

analysis

The project aims to improve the collaboration and responsiveness of SOCs within Europe. The platform that Eviden will coordinate will provide SOCs with advanced cyber threat intelligence, including detailed Indicators of Compromise (IoCs) and threat actor techniques. This information is intended to enable SOCs to respond more effectively and quickly to attacks.

The platform will include several features:

• Data analysis platform: This allows SOCs to quickly detect, investigate and respond to threats. The system is designed to be scalable and stable.
• Network traffic analysis: By monitoring network activity, the platform can detect malicious traffic.
• Host Intrusion Detection Service (HIDS): This feature provides protection for various operating systems, including Linux, Windows and Mac, and can detect things like rootkits and malware.
• AI-driven analysis: To detect more complex and unknown attacks, the platform uses artificial intelligence to process data.

Partners and collaboration

The consortium behind the CYDERCO project consists of four partners: Eviden in Romania, Atos in Spain, the Instituto Superior de Engenharia do Porto (ISEP) and the Romanian National Cybersecurity Directorate (DNSC). Each of these partners brings expertise ranging from technical knowledge to public safety experience. Through this collaboration, CYDERCO can support SOCs across Europe in detecting threats and sharing threat intelligence. The project has a budget of around 2.88 million euros and is funded by the European Union.