The SAFE4SOC (Standard Alert Format Exchange for SOCs) project has now completed its start-up phase.
The main objective of the project is the sharing of threat detection information between SOCs to create collective knowledge with AI technology. The format used in the project for sharing threat detection information is IDMEFv2, so it is a good opportunity to work on the format.
The specification phase is ending and development will soon begin.
The main work items that will be carried out on IDMEFv2 during the project are:
– tuning the two drafts (format and transport) and probably writing an associated Best Current Practice,
– developing and improving IDMEFv2 tools and libraries,
– adapting some open-source and commercial software to IDMEFv2,
– developing a CP SIEM (Cyber & Physical SIEM) compatible with IDMEFv2,
– working with the IETF to enter into an official standardization process,
– and, obviously, promoting IDMEFv2!
The SAFE4SOC project is a major new step toward IDMEFv2 standardization.
More info on the project and the consortium: https://safe4soc.eu/
Safe4Soc has received funding from the European Union’s Digital Europe Programme under Grant Agreement number 101145846. Co-funded by the European Union. The project will last until the end of 2026.