4 min reading
Wed Mar 16 2022

New cybersecurity project to decrease online vulnerability with the help of Flanders Innovation & Entrepreneurship funding

new-cybersecurity-project-to-decrease-online-vulnerability-with-the-help-of-flanders-innovation-entrepreneurship-funding

Antwerpen, Bonheiden, Brussel, Gent and Leuven, Belgium, February 1st, 2022.

A team of three Flemish technology and services companies and three research groups have started working on the APAX project. A two-year project, Automated Posture Analysis that Scales (APAX) will investigate the risks related to the digital presence of online assets in an automated manner that can adapt itself to the requirements of hyper scaling. The goal of the project is to achieve a higher level of cybersecurity and avoid negative impact from vulnerabilities such as Log4J by maximising the usage of automated processes.

Industry project partners Awingu, Ceeyu and Toreon will join forces to research, explore and build technologies thanks to a cybersecurity funding initiative from VLAIO, the Flemish government agency for innovation and entrepreneurship. The three companies will apply ongoing research and inspire academics for future work to help automate the analysis of threats and challenges in cybersecurity. They will do so using the expertise from research partners VUB Software Languages Lab and VUB Artificial Intelligence Lab, together with industry association LSEC.

Limited resources

With the ongoing digitalization and continuous evolving cloud, internet technologies and applications running on them, new cybersecurity challenges appear while many older ones have not yet been resolved. The recent Log4J vulnerability that started early December 2021 continues to ripple throughout 2022 and will likely last for months or even years to come. The vulnerability kept cybersecurity teams busy during the end-of-year holiday period. All systems and applications needed to be inspected and analysed for potential business risks that needed mitigation. Most organizations identified this as a labour-intensive activity, eating away their limited resources. They realised that an automated approach to protection, is a better way to go.

Maximize automation

The fundamental goal of the APAX project is to avoid malicious activities to happen and to avoid active business systems and applications from being inaccessible, infringed, unreliable, held hostage or being abused to trade illicit content. To keep up with these challenges and evolutions, cybersecurity will need to evolve from a manual, labour-intensive approach to automated prevention, detection, mitigation, reaction, incident handling, process management, reporting, analysis, and recovery. This must, of course, happen in close collaboration with the operating parties, supporting businesses, people, and processes.

Increase efficiency

The APAX project partners will work on improving minimally 50 partially automated assessments for cybersecurity postures. Further automation will increase the efficiency of cybersecurity experts and halve the time spent on each individual case. Maximizing automation decreases the cybersecurity reaction time and reduces the repetitive work of security specialists, allowing them to focus on their expert work.

About Awingu

Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple. Awingu is headquartered in Ghent, Belgium, with offices in the United States.

About Ceeyu

Ceeyu provides a cloud-based analysis of a company’s digital presence, outside-in. This posture analysis displays all IT assets visible to any internet user, including malicious ones applying a similar analysis to gather intelligence to determine their attack paths. Ceeyu aims to quickly expand its intelligence gathering, support to standardize the results and automate the analysis to minimize its cost and provide continuously near real-time posture analysis.

About Toreon

Toreon is the largest Flemish originated cybersecurity expert services company. Grown from a team of specialized professionals, the company expanded rapidly organically. Toreon analyses the cybersecurity posture from the inside-out. A cybersecurity analysis can quickly require between 100 and 200 different scans that need to be executed, resulting in information that requires analysis. To optimize its services to its customers, but also to optimize the internal expert resources, Toreon has started to automate these analyses, but aims to further expand this process automation and by adding automated intelligence.

About VUB Labs

The VUB Software Languages Lab and the VUB Artificial Intelligence Lab are both innovative engineering departments from one of the leading Flemish universities in Belgium. Both have a long-standing scientific and industry-supporting background. Their expertise from the domain of applying AI-based automation and fuzzing technologies will be supporting the technology companies throughout the two-year project.

About LSEC

LSEC, an industry association that celebrates its 20th anniversary in 2022 will be focusing on the standardization work for automated postures, in relation to third party risk management analysis and relaying to developing industry standards in the US and EU.

 

For more information, please contact Ulrich Seldeslachts, MD LSEC, Sebastien Deleersnyder, CTO Toreon, or any of the industry and scientific partners.

Other Blogposts

Ceeyu UI

NIS2: Essential entities vs Important entities, what’s the difference?

The impact of NIS2 for essential and important entities is not much different when it comes to implementing controls to comply, as they are ...

December 11, 2023

the-eu-dora-regulation-and-third-party-risk

The EU DORA regulation and third party risk

With the DORA regulation that the EU aims to strengthen the IT security of financial services and industries. This means banks, insurance co...

July 17, 2022

how-to-manage-the-third-party-risks-posed-by-your-critical-suppliers

How to manage the third party risks posed by your critical suppliers

This blog post walks you through some ideas on how to navigate the complex web of third-party risks, focusing on critical suppliers.

June 27, 2022