Streamlining cybersecurity incident analyses (SECURIAN)

Cybersecurity teams currently use tools that excel in analytical capabilities but offer only limited support for procedural documentation. This places unnecessarily high cognitive demands on analysts, which makes the whole process time-consuming and error-prone. The project aims to provide a drill-down analysis support tool that combines visual querying methods, an analytical provenance concept, and a machine-readable data format for storing provenance metadata. The proposed approach will enable the authoring of reusable analytical process reports and their automatic execution, which will significantly streamline cybersecurity analysts' workflows. A recommendation system will also make it possible to propose further analytical steps.

This project is co-financed from the state budget by the Technology Agency of the Czech Republic and the Ministry of Industry and Trade of the Czech Republic under the TREND Programme.