MeliCERTes project presented at the FIRST Annual Conference
![MeliCERTes Team at FIRST Annual Conference](https://ec.europa.eu/newsroom/repository/picture/2022-27/FIRST_tT4i49BpVS9NQ7l0VdNTJcqRLVs_100015.jpg)
date: 06/07/2022
MeliCERTes aims to improve cross-border co-operation between CSIRTs and support the activities of the CSIRTs Network. During the first two years of the project, the MeliCERTes Consortium has developed innovative open-source tools with the aim of balancing the long-term technological needs of the CSIRTs Network with their agile development to tackle urgent challenges in the short term.
Background information
MeliCERTes is a Facility funded by the SMART 2018/1024 tender.
The objectives of the project are:
- Maintain the MeliCERTes software;
- Facilitate the evolution of the MeliCERTes facility by supporting the integration and improvement of a collection of open-source tools used, developed and maintained by the CSIRTs Network;
- Support the re-use of the MeliCERTes components by strengthening ties with the open-source community of the CSIRTs Network;
- Enable the handover of the MeliCERTes facility to ENISA.
The MeliCERTes Values
The MeliCERTes Facility’s underlying aim is to support the implementation of the Commission’s Cybersecurity Strategy by enabling real-time trustworthy communication on cyber threats and incidents across the CSIRTs Network with open-source tools. The project aims to support the European institutions in pursuing long-term objectives, such as digital sovereignty and the promotion of trusted and borderless digital services.
The MeliCERTes Tools
The MeliCERTes Facility is a collection of the following open-source tools developed to meet the operational requirements for cooperation in the CSIRTs Network:
- MISP: Threat Intelligence and Sharing Platform used to share, store and correlate IoCs and threat intelligence
- Cerebrate: Trusted contact information provider and interconnection orchestrator for other security tools
- Taranis NG: Tool for OSINT gathering, analysis and reporting, with a user portal for simple self asset management
- IntelMQ: Tool collecting and processing security feeds using a message queuing protocol
- MWDB: Malware repository component for samples & static configuration with a REST API interface
- Karton: Distributed malware processing framework based on Python, Redis and MinIO