INTERSOC aims to deliver the tools that will improve the security posture of organisations, by pro-actively predicting cybersecurity threats and related risks, improving the detection and prevention capabilities to sophisticated threats and attacks, increasing the level of automation in incident management, while promoting confidential trust-based threat intelligence sharing and continuous training and education of security professionals. To achieve these objectives INTERSOC aims to combine and deploy several different technologies, tools and techniques concurrently and in unison, including:

• machine learning detection and prevention systems in the network and hosts, that solve the multidimensional and complex security problem related to the identification of attacks caused by novel multi-faceted actors (both external and internal) to complement static rules to detect known attacks.
• decentralised threat intelligence information sharing as a complement security system, based on a fast global P2P system designed for security data sharing that is potentiated by trust models, fine-tuned to address dynamic and changing trust relationships when sharing threat intelligence between organisations and devices.
• collection, categorisation, aggregation, correlation of structured and unstructured data, from different sources, towards information extraction and analysis of cybersecurity incidents, ultimately contributing to successful threat detection, investigation, and response (TDIR) outcomes.
• security orchestration and incident management automation, that utilises Business Process Modelling Notation (BPMN) to capture business processes and business continuity plans, driving the automation of incident response plans and orchestration of activities, resulting in minimum business interruption.
• dynamic risk management designed for interconnected nodes of an industrial ecosystem, able to identify threats and their propagation mechanism, evaluate in real-time the risk and assess the potential business impact of an attack while suggesting threat mitigation strategies.
• improved penetration testing methods and tools aiming to significantly reduce time and costs while increasing test frequency and entry point coverage.
• continuous training and education based on a comprehensive strategy for skills development of the cybersecurity workforce that goes beyond policies, supported through a hands-on educational cyber-range platform.
• efficient, user-friendly interaction methods, based on highly configurable, well-established and user-friendly dashboards (based on the concept of dash lets) assisting security practitioners to identify and summarise patterns within the collected data.