SWEPT - Securing Websites through malware dEtection and attack Prevention Technologies


Description

SWEPT security solution will incorporate preventive and detecting security mechanisms and tools for automatically preventing and mitigating web site attacks, maximizing the security posture of websites with a minimum intervention of web site owners and administrators The project also proposes a certification model that will certificate the security level of a web application based on SWEPT security mechanisms.
Beyond this triplet (prevention, detection and certification) there will be an integration methodology based on:
1- Normalisation of different outcomes from different tools.
2- Extension of an XML format file oriented to vulnerabilities and threats concepts
3- Log based integration in a common DB
4- Definition of correlation techniques
5- Certification of SWEPT Integration platform
This will generate the SWEPT platform ready to offer preventive and reactive services toward web developers and hosters.

Website
  • Skills/Topics:

    • Website security
    • Cybersecurity
    • web applications
Partners
TECNALIA (Spain) (Coordinator)
EUROHELP (Spain)
MONTIMAGE MI (France)
EVERIS Aerospace & Defence EADE (Spain)
CYBERDEFCON CyDef (United Kingdom)
EMAZE NETWORKS (Italy)
S21sec S21 (Spain)
AMIS DOO AMIS (Slovenia)
CSIS Security Group (Denmark)
ARSYS INTERNET (France)

Programme/Client:
EUROPEAN COMMISSION CIP - ICT POLICY SUPPORT PROGRAMME

Our Role
SWEPT security solution will incorporate preventive and detecting security mechanisms and tools for automatically preventing and mitigating web site attacks, maximizing the security posture of websites with a minimum intervention of web site owners and administrators The project also proposes a certification model that will certificate the security level of a web application based on SWEPT security mechanisms. Beyond this triplet (prevention, detection and certification) there will be an integration methodology based on: 1- Normalisation of different outcomes from different tools. 2- Extension of an XML format file oriented to vulnerabilities and threats concepts 3- Log based integration in a common DB 4- Definition of correlation techniques 5- Certification of SWEPT Integration platform This will generate the SWEPT platform ready to offer preventive and reactive services toward web developers and hosters.