Cybersecurity Knowledge Base (KB)

Result Type

Scientific/Technological R&D Result including ICT Hardware

Lead Developer

Future Intelligence Ltd

Keywords

Cyber Threat Intelligence, Automated Threat Exchange, Collaborative Threat Analysis, Automated Detection and Response

Our unique value consists in providing a solution that can be deployed both in the cloud and on-premise (thereby addressing any cloud-derived security/privacy concerns) while giving users a consistent experience. In addition, the envisaged automated integration of cyber-threat intelligence information from various external repositories, the seamless encapsulation/adaptation of that information in a common standardised language (i.e. STIX), and the sharing of actionable cyber intelligence information via open APIs promote the solution's interoperability with other cyber-security actuators. Together these work towards a collaborative threat analysis, automated threat exchange and automated detection and response ecosystem that enables faster detection and response times when dealing with cybersecurity incidents, thus minimising their negative impact on the business in terms of affected assets (e.g. disrupted IT systems and services), lost profits from the services' disruption, lost reputation, and lost work hours.

Result Description

The Cybersecurity Knowledge Base (KB) repository plays a key role in collaborative threat analysis, automated threat exchange and automated detection and response. To that end, it stores and offers cyber threat intelligence (CTI) information (e.g. attack patterns, vulnerabilities, threat indicators, etc.) using the OASIS STIX (Structured Threat Information Expression) language. The KB information can be used by other cybersecurity services, such as threat detection engines, honeypots and decision support systems, to detect suspicious or malicious cyber activities, identify their type and recommend appropriate courses of action for addressing the detected attacks and vulnerabilities. Besides enabling its users to register new attack patterns and vulnerabilities, the KB also collects threat intelligence knowledge from third-party threat intelligence sharing repositories, such as NIST’s National Vulnerability Database and MITRE’s Common Attack Pattern Enumeration and Classification, in order to capture the latest snapshot of the continuously evolving cybersecurity threat landscape.

Target Business Sectors / EU Policy Areas

  • Business and industry
  • Digital economy and society
  • Research and innovation

Contribution to UN Sustainable Development Goals