About SOCcare project
The SOCcare project is aimed at building better cyber threat intelligence through improved analysis of digital artefacts, and then sharing this threat intelligence across the Eastern Europe region and beyond to increase cooperation and cyber resilience of Digital Europe.
Currently, all consortium partners NRD Cyber Security, RevelSI and Politehnica University of Bucharest (UPB) have operational SOCs ( Security Operation Centre) covering detections in various digital infrastructures. However, the maturity of digital artefact analysis and related threat intelligence generation and sharing processes after incident identification in the subsequent incident analysis process is relatively low due to a non-standardised approach to this digital artefact analysis and related threat intelligence generation & sharing across SOCs.
The objectives of the project are:
Establishing standardised practices for digital artefact analysis using the open source Dissect tool – creating a methodology, processes and standard operating procedures to improve incident analysis maturity.
Building cyber threat intelligence creation process and procedure practices from the aforementioned digital artifact analysis practices, based on the Dissect tool.
Continually practice and refine the above practices, providing and sharing actual cyber threat intelligence from observed incidents.
Creating and sharing the applied methodologies with wider SOC communities in Romania, Lithuania, neighbouring countries and EU Member States.
Project coordinator: Lukas Vytautas Dagilis
Technical Product ManagerProject participants:
NRD CS (UAB NRD CS)
RevelSI ( REVEL BUSINESS GROUP SRL )
UNSTPB ( UNIVERSITATEA NATIONALA DE STIINTA SI TEHNOLOGIE POLITEHNICA BUCURESTI )
Project funded by:
Project co-funded by the European Union. The project funded under Grant Agreement No. 101145843 and is supported by the European Cybersecurity Competence Centre