Skip to main content

cAPTor captures Advanced System Threats

Periodic Reporting for period 1 - CAPTOR (cAPTor captures Advanced System Threats)

Reporting period: 2014-10-01 to 2015-02-28

This action is related to the topic Critical infrastructure protection topic 7: SME instrument topic: “Protection of Urban soft targets and urban critical infrastructures”.
As stated in the “Dedicated SME Instrument Work Programme 2014-2015” document, DRS-17-2014/2015 challenge, «urban soft targets, as well as urban critical infrastructures, are exposed to increasing security threats» and research in this area can cover any area of the urban critical infrastructure protection, “such as, for example: […]; protection of energy/transport/communication grids; […]; protecting supply chains; avoiding cyber-attacks and developing cyber resilience systems for critical infrastructures”.

CAPTOR is a product whose main objective is to characterize, identify and detect APTs (today’s most sophisticated cyber attacks) as well as minimize their impact in the target organization. CAPTOR is designed to operate in complex environments, like Urban Critical Infrastructures, where IT, industrial, energy and network infrastructures must be protected from security threats.
The most important innovations of CAPTOR are the focus on detection during the exfiltration phase of the attack and the application of a set of techniques and methodologies known as anomaly detection, which will be later explained. This is an approach more akin to classic intelligence as opposed to the malware-detection-centered approach used by the vast majority of proposed commercial solutions.

Advances in the integration of ICT technologies in urban areas and their infrastructures have brought undeniable advantages to the cities’ economic management, inhabitability and have helped to reduce their environmental impact.
Unfortunately, together with these advantages, and mainly due to the digital convergence between ICS (Industrial Control Systems) and ICT infrastructures, many cyber security vulnerabilities have been introduced in infrastructures where this type of threat have never before been taken into account. The threat posed by cyber terrorists and cyber criminals continually grows and organizations are increasing their awareness of the possibility of an incident.
The final objective of the current action is to determine the feasibility of CAPTOR in the European market. For this purpose a research about the most suitable country markets and sectors has been performed; as well as a deep competitor analyses, including a mystery shopper study. Furthermore, the study includes a potential customer survey and the development of the business plan and business model. For this last task the services of an external expert consultant were used.
The results of the current study confirmed its feasibility and future actions will be developed. The results of these next actions are aimed to achieve:
- Through an Early Involvement Program International customers in at least 3 different countries.
- A complete set of training tools for the international market, including a Demonstration Platform online.
- Participate in at least 3 international events with product demonstration and potential customer feedback.
- Include CAPTOR in Gartner APT Magic Quadrant.
Product logo