Cyber Security solutions e-Catalogue

CASPer is a set of tools and databases supporting MiCA, DORA and other cryptocurrency-related regulations across EU. CASPer contains a reputation database of well-known cryptocurrency asset service providers, which can be used to check their legal status, used IBAN accounts, blockchain activity, etc. By the end of DEFRAUDify project, CASPer will also include a risk-scoring system to perform due diligence on cryptocurrency transactions, addresses and clusters.

• Banks
• FinTech companies
• Cryptocurrency service providers

So far none but let’s hope that DEFRAUDify partner Bunq will adopt it

open-source

COINOMON (COIN MONitoring tool) is software which enables its user to conduct cryptocurrency forensics. COINOMON combines the functionality of a blockchain explorer, a linkage analysis system and a curated database of (meta)data from the cryptocurrency ecosystem. Unique features compared to the products by competition:

1. on-premises installation;
2. free API for integration with other tools/services;
3. OSINT and network intelligence enhancing information about address/cluster (meta)data.

• Law enforcement agencies
• Banks
• Regulatory entities

Unnamed law enforcement agencies

proprietary license

More than 80% of Internet traffic is now encrypted. This is a positive development for end users and organizations, providing them with data privacy. Encrypted traffic renders much of the existing tool-chains for cybersecurity useless as the ability to examine traffic contents is lost.

This solution allows to detect cyber-attacks hiding in encrypted traffic. Specifically, this solution covers: • Detect rogue IoT devices • Detect cyberattacks

• Security Operation Centres (SOCs)
• Large enterprises with internal Cybersecurity department
• IT Integrators (IT Consulting companies)

ENTA Solution will be available by the end of the project, that is by 2025

Service

FirmwareCheck is a tool for automated dynamic security analysis of firmware images generated by buildroot. Running in a CI-pipeline, it allows developers to identify security risks while developing IoT-firmware. FirmwareCheck emulates firmware using QEMU. Firmware is scanned for typical IoT security issues including:

• Outdated components (CVEs)
• Open (debug) ports
• Default passwords or anonymous logins
• Processes running as root
• Executables that can be used to get a reverse shell on a device

• Providers/vendors of IoT Systems
• Security consulting companies

Open source: Apache 2.0 License

Irdeto Keys & Credentials is a managed security service for the complete lifecycle of trusted identities, secrets, and secured firmware for connected embedded products. It provides long-term security rooted in silicon for devices such as set-top boxes, routers, engine control units, smart grid modules, and medical devices. A flexible, scalable, and customizable solution is provided with cloud services, on-prem installations and dedicated physical keying centres with staffed personnel.

• Communication Service Providers
• Automotive and Railway Device Manufacturers
• Medical Device Manufacturers

• Charter Communications
• Knorr-Bremse GmbH
• CharIN e. V.

Managed Service

PRIGM, a high-throughput Hardware Security Module, integrated with high-performance secure IoT gateways and secure authentication tokens present a hardware-based cyber-physical resilience solution stack. The solutions create point-to-point security between any node pairs in a cyber-physical system.

• Data centres, HPCs, cloud providers
• Financial institutions, banks
• Cyber-physical and autonomous system integrators

• The certification and contracting phase is still ongoing with 3 customers from the automotive, ICT and logistics domains.
• Reference H2020 projects: Critical-Chains, Safety4Rails, Valu3S

PRIGM-as-a-Service over cloud Hardware solution stack that can be deployed in any cyber-physical system Licensing & consultancy

Used in 12 countries, Rugged IP deviation emulator (Rude) acts as a man-in-the-middle device to spoof any chosen bits of IP traffic passing through. During the ITEA project CyberFactory#1, Rude was topped to support functional safety of autonomous vehicles under IP network hick-ups and cyberattacks. All autonomous vehicles are subject to strict regulation in the form of functional safety requirements. Rude simulates these requirements by corrupting controlling IP messages.

• Manufacturers of autonomous vehicles
• Network equipment manufacturers
• Operational technology and military

• NATO
• Nokia
• Sandvik

Buying or leasing the product with annual license and support fee.

WebRazor is programmable web scraping framework extracting data from surface web and also darknet (e.g., Tor, I2P). WebRazor framework allows you to: 1) decode and parse the webpage programmatically for both human-readable and machine content; 2) crawl and discover new links and resources; 3) archive obtained data in a transferable form guaranteeing integrity.

• Law enforcement agencies
• Tech companies

Unnamed law enforcement agencies monitoring darknet marketplaces

proprietary license