Accelerating Cyber Intelligence
Cyberattacks are an extremely serious problem for safety-relevant sectors like airport operators. Like most companies, also Fraport AG, one of the leading players in the global airport business, notices a growing number of cyberattacks, resulting from security breaches. But how to handle this everyday challenge? There is a great need for innovative solutions to improve the automation of the collection as well as evaluation of relevant data from a wide range of sources on the potential vulnerabilities to revolutionize existing security systems.
#CyberVulnerabilityManagement #AIforCyberSecurity #CyberIntelligence
- Prize pool of EUR 5,000 + funding and collaboration programs + joint paper
- Oct 3, 2022, 10:00:00 PM
- 1 to 9 persons
International - open to participants from all over the world
- Important details
- About Fraport
This challenge is part of the AI & Data Science Innovation program. You can find an overview of the program and the other challenges here.
Enabling Future of Intelligent Cybersecurity
Fraport is facing a problem most companies are confronted with nowadays: How to handle the growing number of cyberattacks, resulting from security breaches, that (can) occur every day? How to identify which assets are affected and to keep up by continuously developing Fraport's products?
As the operator of Germany’s largest aviation hub in Frankfurt, Fraport must comply with certain laws and regulations such as the BSI Act (BSIG). Any approach must meet the requirements for critical infrastructure. Moreover, the security scanning process runs simultaneously across multiple applications, databases, and a mix of manual and automated work to be able to check all accessible assets.
Therefore, there is a great need for innovative solutions to improve the automation of the collection and evaluation of relevant data from a wide range of sources of vulnerability reports. The use of data-driven technologies and artificial intelligence is enhancing the ability to detect and assess IT threats more efficiently. It assists information security teams in reducing breach risk and improving their security posture quickly and effectively. The ability of this technology to evaluate complex information and the capability of self-learning enable it to revolutionize existing security systems by autonomously detecting, investigating, and evaluating threats.
A tremendous attack surface, a vast number of devices per organization involved in the security process as well as massive datasets that go beyond human-scale processing are the key challenges that can be successfully addressed with a data-driven cybersecurity management system.
The initial question in this context is how to deal with the identification and mitigation of a complex set of security vulnerabilities. A solution that automatically collects information about security vulnerabilities as well as indicators of compromise (IoC) and bundles various sources, databases and scanning programs in an all-in-one tool is the main focus for Fraport.
Three central questions and directions should be considered in the process:
1) How to automate the process of importing information about security vulnerability and IoC from different sources into one tool and visualize the result using a user-friendly interface?
The primary objective of this challenge is the implementation of an automatic import interface for security vulnerabilities and IoC. This application shall be called security vulnerabilities management (SVM) tool.
This kind of interface must be highly flexible in order to cope with changing layouts from BSI notes or other sources such as the Malware Information Sharing Platform (MISP). Moreover, Fraport aims to identify relevant and efficient parameters for the classification as well as to develop intelligent solutions and algorithms for data processing and evaluation.
The competitors are challenged on
- how to automatically get the information about security vulnerabilities as well as IoC and the concerned hard- and software from different inputs (Common Security Advisory Framework – CSAF, feeds, pdf, mail, manual tracking, HTML, MISP and CVE data bases) into one tool?
- how to check the information against the asset database to get the vulnerable or already infected assets?
- how to track mitigation and get reports at the touch of a button?
2) How can the applications, databases and resources currently used by Fraport be linked with the identified solution?
The secondary objective is an interface between the SVM tool, Fraport’s asset database and the detection tools to check all assets for known security vulnerabilities or whether they are compromised or not.
Fraport currently operates a specific asset database* as well as vulnerability scanning software*, APT scanners*, and other security tools*. However, there is hardly any information exchanged between these tools. The specific challenge here is finding a solution to develop an efficient communication tool for collecting and processing information provided by the asset database and gathered by the security tools to get an overview about the security threat level at Fraport. This interface/tool will also have to evaluate the threat.
3) How can product manager be efficiently addressed if any of their application is affected by known security vulnerabilities or even already compromised?
The third objective is to automatically inform the affected product manager about the known security vulnerabilities or compromises of any application or system (component) that have already occurred. Therefore, feedback of the vulnerability or APT scanner has to be gathered. This information then has to be processed in order to create tickets in Fraports ticketing tool*. Last but not least reports suitable for different management levels should be generatable.
*Please mind: You can find further information, such as the tool names, in the tab "Confidential Information". This tab is only visible after successful registration on the platform and challenge. For detailed information regarding the specifications and criteria for the AI-driven solution or application visit the tab “Important Details”
Who can participate?
The Challenge is calling especially on startups, researchers, and SMEs to bring in your technologies and solutions and adapt and further elaborate them based on the challenge, criteria and requirements from Fraport. The goal is to find a solution that improves Fraport’s security operations while being interoperable with the applications currently deployed by Fraport.
Questions or looking for team members?
- Meet up & question-call every Wednesday from 16:00 - 16:30 (CEST)
If you want to talk to someone from our team about your approaches, you need more information or questions arise, just join one of our call every Wednesday. It is a group call and you also get the chance to meet other innovators!
Simply register here
- Join an existing team on our platform
- Team up!
Register and log in on our platform, click on the “Take part” button on top in the info box and click "Find team-mates" in order to access our Slack channel. Here you can find all the teams for every ongoing project.
- Chat with us
Write to us anytime via the chat on this platform to your right. Note: You can only find it if you do not decline the cookies.
© 2018-2022 ekipa GmbH. All rights reserved.