ABSTRACT
SISSDEN is a project aimed at improving the cyber security posture of EU entities and end users through development of situational awareness and sharing of actionable information. Components located at the EU datacentre include the Frontend Servers, Backend Servers and Utility Server pictured on the diagram. SISSDEN collects attack data, such as network scans, spam email, malware binaries, brute force attacks, interactive attacker logins, etc. Each remote endpoint sensor contains only the minimum amount of configuration and management capabilities required to securely participate as one end of a transparent network tunnel. Each day, recipients who have voluntarily signed up for free reporting will receive by email multiple reports, covering different types of potentially malicious activity detected by SISSDEN on their nominated, verified IP/ASN/CIDR addresses. SISSDEN presents a number of systems to interact with the public and external partners.
