Resilience against cyber-attacks is of paramount importance for all RECITALS components. To this end, the third module of RECITALS focuses exclusively on cyber-security. Based on a thorough analysis of logs and cyber-attacks targeting privacy-preserving identity management and data sharing systems, the Security Manager provides the following complementary components:

Cyber-threat Detector

Equipped with state-of-the-art techniques for identifying potential cyber threats and attacks within the RECITALS platform:

  • Anomaly detection: Establishes a baseline of normal activity and identifies deviations from expected behavior.
  • Signature-based detection: Leverages a database of known signatures to identify patterns associated with common cyber threats.
  • Behavioral-based detection: Continuously monitors the behavior of applications, components, and network traffic to identify potential cyber threats.
  • Endpoint detection and response: Deploys software agents on endpoints to monitor activity for signs of cyber threats, isolate infected endpoints, and collect forensic data.
  • Security information and event management (SIEM): Collects, analyzes, and correlates security events and incidents from various sources within the RECITALS platform.

Most of these techniques can be combined with machine learning and deep learning to detect potential cyber threats in large volumes of data in real time.

Cyber-threat Orchestration, Automation and Response

Comprises state-of-the-art techniques for addressing the attacks identified by the Cyber-threat Detector. These techniques rely on valuable threat intelligence from diverse sources:

  • SIGMA rules: Standardized detection rules for security events
  • MITRE ATT&CK: Knowledge base of adversary tactics and techniques
  • Open data CTI platforms: Cyber Threat Intelligence from various sources

By integrating detection rules and threat intelligence from diverse sources, this module provides crucial insights into emerging threats and tactics and enhances the ability to understand and respond to them.