Periodic Reporting for period 1 - CAPTOR (cAPTor captures Advanced System Threats)
Reporting period: 2014-10-01 to 2015-02-28
As stated in the “Dedicated SME Instrument Work Programme 2014-2015” document, DRS-17-2014/2015 challenge, «urban soft targets, as well as urban critical infrastructures, are exposed to increasing security threats» and research in this area can cover any area of the urban critical infrastructure protection, “such as, for example: […]; protection of energy/transport/communication grids; […]; protecting supply chains; avoiding cyber-attacks and developing cyber resilience systems for critical infrastructures”.
CAPTOR is a product whose main objective is to characterize, identify and detect APTs (today’s most sophisticated cyber attacks) and to minimize their impact on the target organization. CAPTOR is designed to operate in complex environments, like Urban Critical Infrastructures, where IT, industrial, energy and network infrastructures must be protected from security threats.
The most important innovations of CAPTOR are its focus on detection during the exfiltration phase of the attack and its application of a set of techniques and methodologies known as anomaly detection, which will be explained later. This approach is more akin to classic intelligence than to the malware-detection-centered approach used by the vast majority of proposed commercial solutions.
Advances in the integration of ICT technologies in urban areas and their infrastructures have brought undeniable advantages to cities’ economic management and inhabitability, and have helped to reduce their environmental impact.
Unfortunately, together with these advantages, and mainly due to the digital convergence between ICS (Industrial Control Systems) and ICT infrastructures, many cyber security vulnerabilities have been introduced in infrastructures where this type of threat has never before been taken into account. The threat posed by cyber terrorists and cyber criminals continually grows, and organizations are increasing their awareness of the possibility of an incident.
- International customers in at least 3 different countries, through an Early Involvement Program.
- A complete set of training tools for the international market, including a Demonstration Platform online.
- Participate in at least 3 international events with product demonstration and potential customer feedback.
- Include CAPTOR in Gartner APT Magic Quadrant.