NetScanCTI: Data collection, analysis, and correlation of vulnerabilities, threats, and alerts for proactive security management

One of the major paths of cyber-attacks in space systems is through compromise of ground segments (e.g., ground stations) that communicate with the space segments (e.g., satellites). These ground segments have many of the same software vulnerabilities that plague other computer networks. If the ground segment should be breached, the space segment is virtually unprotected. Moreover, given the remoteness of space assets, remote software update and mitigation are very challenging. Hence, there is a critical need for a proactive security management solution to prevent cyber-attacks detect and mitigate cyber-attacks at their early stages before the space segments are affected. To address this critical need, Intelligent Automation, Inc. proposes to develop NetScanCTI, a proactive security management system that will discover network/cyber assets, identify vulnerabilities, detect alerts, and link the collected data with Cyber Threat Intelligence (CTI) including adversary’s Tactics, Techniques and Procedures (TTPs). Building upon IAI’s existing high TRL cyber defense capabilities and state-of-the-art ML/AI techniques, NetScanCTI will enhance the cyber security situational awareness and enable proactive security management by which cyber-attacks such as Advanced Persistent Treat (APT) can be prevented or mitigated at early stages.