Written by Sebastien Deleersnyder
New cybersecurity project to decrease online vulnerability with the help of Flanders Innovation & Entrepreneurship funding
A team of three Flemish technology and services companies and three research groups have started working on the APAX project. A two-year project, Automated Posture Analysis that Scales (APAX) will investigate the risks related to the digital presence of online assets in an automated manner that can adapt itself to the requirements of hyper scaling. The goal of the project is to achieve a higher level of cybersecurity and avoid negative impact from vulnerabilities such as Log4J by maximizing the usage of automated processes.
Industry project partners Awingu, Ceeyu and Toreon will join forces to research, explore and build technologies thanks to a cybersecurity funding initiative from VLAIO, the Flemish government agency for innovation and entrepreneurship. The three companies will apply ongoing research and inspire academics for future work to help automate the analysis of threats and challenges in cybersecurity. They will do so using the expertise from research partners VUB Software Languages Lab and VUB Artificial Intelligence Lab, together with industry association LSEC.
Limited resources
With the ongoing digitalization and continuous evolving cloud, internet technologies and applications running on them, new cybersecurity challenges appear while many older ones have not yet been resolved. The recent Log4J vulnerability that started early December 2021 continues to ripple throughout 2022 and will likely last for months or even years to come. The vulnerability kept cybersecurity teams busy during the end-of-year holiday period. All systems and applications needed to be inspected and analyzed for potential business risks that needed mitigation. Most organizations identified this as a labor-intensive activity, eating away their limited resources. They realized that an automated approach to protection, is a better way to go.
Maximize automation
The fundamental goal of the APAX project is to avoid malicious activities to happen and to avoid active business systems and applications from being inaccessible, infringed, unreliable, held hostage or being abused to trade illicit content. To keep up with these challenges and evolutions, cybersecurity will need to evolve from a manual, labor-intensive approach to automated prevention, detection, mitigation, reaction, incident handling, process management, reporting, analysis, and recovery. This must, of course, happen in close collaboration with the operating parties, supporting businesses, people, and processes.
Increase efficiency
The APAX project partners will work on improving minimally 50 partially automated assessments for cybersecurity postures. Further automation will increase the efficiency of cybersecurity experts and halve the time spent on each individual case. Maximizing automation decreases the cybersecurity reaction time and reduces the repetitive work of security specialists, allowing them to focus on their expert work.
About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple. Awingu is headquartered in Ghent, Belgium, with offices in the United States.
About Ceeyu
Ceeyu offers a cloud-based platform that allows organizations to more efficiently detect their external cyber risks and improve security. Organizations can thus map their digital footprint, online assets and ecosystems, including third-party vendors they work with. This is done through a combination of questionnaires and automated scans both resulting in an easy to interpret security rating. With APAX, Ceeyu can expand its portfolio towards Attack Surface Management by introducing more comprehensive scanning modules and improved compliance management for further automation and real-time analysis in the domain of security assessments.
About Toreon
Toreon is the largest Flemish originated cybersecurity expert services company. Grown from a team of specialized professionals, the company expanded rapidly organically. Toreon analyses the cybersecurity posture from the inside-out. A cybersecurity analysis can quickly require between 100 and 200 different scans that need to be executed, resulting in information that requires analysis. To optimize its services to its customers, but also to optimize the internal expert resources, Toreon has started to automate these analyses, but aims to further expand this process automation and by adding automated intelligence.
About VUB Labs
The VUB Software Languages Lab and the VUB Artificial Intelligence Lab are both innovative engineering departments from one of the leading Flemish universities in Belgium. Both have a long-standing scientific and industry-supporting background. Their expertise from the domain of applying AI-based automation and fuzzing technologies will be supporting the technology companies throughout the two-year project.
About LSEC
LSEC, an industry association that celebrates its 20th anniversary in 2022 will be focusing on the standardization work for automated postures, in relation to third party risk management analysis and relaying to developing industry standards in the US and EU.