Cyber Threat Intelligence

Cyber Threat Intelligence is a project funded by France 2030 supported by France Relance - European Union.

Summary

The growing complexity of information systems, the multiplication of attacks and their increasing sophistication are making information systems increasingly vulnerable. The aim of the project is to provide a set of cyber threat intelligence services for the French market, aimed at cybersecurity teams, namely:

  1. Access to a national Threat Intelligence database (the memory);
  2. An Analysis Center acting as an enrichment service;
  3. Threat weather forecasts, explaining trends and predicting future attacks;
  4. An automatic system for proposing the use of indicators.

Consortium

The consortium organized by Thales includes industry giants such as the ATOS group, cyberthreat intelligence specialists such as Sekoia, detection specialists such as GLIMPS, detection and/or intelligence solution providers such as HarfangLab and Filigran, IT security specialists such as Snowpack and KOR Labs, contextual analysis specialists such as Geotrend, and two academic partners: Institut Mines Télécom (IMT) and Grenoble INP.

KOR Labs Contribution

KOR Labs will provide the paltform with various data related to DNS abuse: domain registration data, DNS records, host information, website data, ranking and popularity data. It will participate in the design of data analysis algorithms for the Analysis Center. It will also develop reputation algorithms that will evaluate abuse rates among the various types of DNS intermediaries (TLD registries, registrars, and hosting providers) to establish their ranking.