Abuse Watch Alerting & Reporting Engine (AWARE)
is a solution for cyber threats monitoring through various external sources. It addresses the following challenges faced by incident response teams:
- Details of an attack not readily available to responders, or they simply doesn't exist.
- Inadequate or absence of tools to provide reliable and comprehensive threat information.
- Data too scattered and not sufficiently filtered to work with.
- Unable to coordinate appropriate actions because the exact threats cannot be identified.
- Lack of expert skills to identify critical data from raw data.
AWARE provides the means to collect data from various abuse feeds, processes the events, and sends out aggregated and actionable reports to be disseminated to relevant agencies or organisations. It facilitates the incident response task hence freeing the response team to attend to other pressing matters. It supports the response team by:
- Collecting and correlating global data on malicious activities in near real time.
- Making sense of raw data through aggregating and enriching processes.
- Producing actionable intelligence.
- Simplifying incident coordination with relevant agencies.
A demonstration of AWARE services can be made at the request of a Member state.