Platform Software

The SOCCRATES Platform consists of multiple components. Each component provides a particular service within the security automation and decision support platform. On this webpage the software is listed for each component, including information on where to get the software and instructions for installation. The SOCCRATES Platform can be deployed as a whole, or individual SOCCRATES components can be integrated within your own security infrastructure. See deliverables D2.3 SOCCRATES platform System Architecture & Interface Specification and D6.4 Final version of the SOCCRATES Platform for more information.

Click on the SOCCRATES component in the figure below to get more information.

ADG Analyser

The ADG performs an analysis based on probabilistic attack simulations conducted on models of the infrastructure under assessment. The model is generated from data provided by the infrastructure modelling component (IMC) and can be further enriched with cyber threat information from the threat intelligence platform (TIP). Based on the analysis, the ADG provides quantitative metrics on risk exposure and time to compromise (TTC), the most likely attack paths to high-value assets, and suggested mitigations. The attack defence graph analyser will use the attack simulation and automated threat modelling solution called securiCAD, which is a product of foreseeti.

Download

ADG Cortex Analyser

The ADG Cortex Analyser has been developed for the integration between the OIE and securiCAD. It enables the OIE to request an ADG analysis using securiCAD and provides the results back to the OIE. In addition, the ADG Cortex Analyser collects the data from other SOCCRATES components that is necessary to perform the requested ADG analysis.

For more information: https://foreseeti.com/

AI based Attack Detection

The AAD consists of multiple anomaly-detection-based attack detection tools, an evidential network called REASENS, and software for the integration of these tools. This is visualized in the figure above. All software components are referenced below.

External

REASENS

The REASENS Framework is a hierarchical REAsoning system that enables the collection of events from distributed and heterogeneous SENSors. REASENS provides, among other things, alert correlation and system state inference (under attack, normal operation, erroneous operation). REASENS was developed by AIT.

REASENS will become available as open source. Contact for more information: Paul.Smith@ait.ac.at

External

AMiner

AMiner (logdata Anomaly Miner) is part of the ÆCID system, a log-based anomaly detection system operating on logs collected from the network layer (e.g., firewalls, switches, routers) and the application layer (e.g., Web servers, DNS, application servers). AMiner was developed by AIT. For more information see ÆCID.

AMiner is available at https://github.com/ait-aecid/logdata-anomaly-miner

Download

ABC Tool

ABC Tool is a netflow-based anomaly detection system, developed by TNO, for internal host communication profiling to detect, among other things, lateral movement and data exfiltration.

ABC Tool is part of an Anomaly Detection product of SightLabs. Contact SightLabs for information.

Download

DNS Ninja

DNS Ninja is an anomaly detection system, developed by TNO, that allows you to monitor internal DNS traffic and provides insight into potentially malicious nodes in your infrastructure.

DNS Ninja is a product of SightLabs. Contact SightLabs for information.

Download

L-ADS

L-ADS is a netflow-based anomaly detection tool developed by Atos.

Contact Atos for information on how to obtain L-ADS: rodrigo.diaz@atos.net

Copyright 2022 Soccrates