Following our initial (Alpha) release of IDPS-ESCAPE on September 1st, 2024, introducing ADBox, our dedicated anomaly-based intrusion detection solution relying on state-of-the-art advances in artificial intelligence, we have made another release on GitHub that, in addition to patches and improvements, provides a full integration into Wazuh, the well-known open-source SIEM, which you can catch a glimpse of by watching this short walkthrough.
Posts By: Lynn Pinto
IDPS-ESCAPE: monitoring cyber risks with (artificial) intelligence
Interview with Lëtzebuerger Gemengen, translation by itrust consulting.

By aiming to bring all European entities considered essential or important to the functioning of its Member States to a high level of maturity in terms of cybersecurity, the European NIS2 directive is challenging many organisations in terms of monitoring. To help them achieve compliance, Arash Atashpendar, Cofounder & CTO, Agnese Gini, R&D Specialist, and Camar Houssein, Security Consultant at itrust Abstractions Lab, are unveiling IDPS-ESCAPE, an open-source solution powered by artificial intelligence that has been available since 1 September.

“ADBox relies on trained artificial intelligence to model the normal behaviour of a system”

An intelligent trio

itrust Abstractions Lab, a spin-off from itrust consulting, has just published the alpha version of one of the six sub-projects of CyFORT, a research project developed in collaboration with itrust consulting and aimed at providing cybersecurity tools with permissive licences to offer alternatives to “proprietary vendor lock-in”. Called IDPS-ESCAPE, short for “Intrusion Detection and Prevention Systems for Evading Supply Chain Attacks and Post-compromise Effects”, it meets the new requirements of the European NIS2 directive on the security of networks and information systems. “All entities providing services considered critical or highly critical to the functioning of Member States, whether public or private, will be subject to certain obligations, including the monitoring of their IT infrastructure. That’s what our intrusion detection and prevention system offers”, explains Arash Atashpendar.

IDPS-ESCAPE, developed according to C5-DEC and its tools (beta version published on 19 July), is a three-component solution that captures a flow of information and analyses it within a centralised system. The open-source software Wazuh and Suricata collect and monitor data from computers and networks respectively.
“These agents, which are responsible for observing everything that runs on a computer and everything that enters it via the network, will capture a large amount of information and centralise it. On their own, these tools often generate false alarms. IT managers then have to act quickly, in a rush that simply doesn’t allow them to analyse all the data collected by the system. Sometimes, they are forced to shut down the entire infrastructure, and therefore the services provided by their organisation, even though the anomaly in question may not represent any risk. That’s why IDPS-ESCAPE contains a 3rd component of our own, ADBox, for “Anomaly Detection Box”, which is based on a machine learning model trained to learn the normal behaviour of a…
itrust consulting & Abstractions Lab: Uniting expertise to safeguard your digital world
IDPS-ESCAPE

IDPS-ESCAPE, short for “Intrusion Detection and Prevention Systems for Evading Supply Chain Attacks and Post-compromise Effects”, is a sub-project of the CyFORT project, which in turn stands for “Cloud Cybersecurity Fortress of Open Resources and Tools for Resilience”. CyFORT is carried out in the context of the IPCEI-CIS project.
Training: Cyber Security for CEOs – In preparation for NIS2 compliance management – NEW DATE: 22. November 2024
itrust consulting is excited to announce an upcoming training session designed to help you develop essential skills and boost your expertise. The Network and Information Security directive NIS2 is due to be transposed and applicable on 17 October 2024. In order to strengthen management accountability and prevent cyberattacks, the regulators have mandated that the decision maker be trained in cybersecurity. This course teaches managers without technical knowledge about NIS2 requirements: state-of-the-art information security management systems, risk management theories and practices, and the technical process for understanding and managing cyber-attacks.