UBITECH is proud to announce the successful kick-off of the TRITON EDF Action Project, a groundbreaking initiative focused on the “Generative Automation of Security Penetration Tests.” The event took place in Larnaca, Cyprus, on December 4-5, 2024, marking the official start of a project that promises to reshape the future of cybersecurity in military and defense environments. TRITON, which officially began on December 1, 2024, is funded by the European Defence Fund (EDF) under Grant Agreement No. 101168103 and will span from December 2024 to November 2027. The project aims to develop and implement innovative automated penetration testing methodologies tailored to the unique needs of defense and military sectors.
As the project’s overall coordinator, UBITECH leads the way in project management and collaboration among consortium partners. UBITECH also plays a pivotal role in leading several key work packages (WP), including WP4: PREPARE, which focuses on advanced risk analysis, reconnaissance techniques, and environment setup.
UBITECH leads Task 2.2 (T2.2) on “Automated Penetration Testing Methodology in Military SOCs, Networks, Web, and Systems.” This task focuses on adapting established security assessment methodologies, such as ENISA skillset recommendations and NIST’s Information Security Testing and Assessment frameworks. TRITON will extend these methodologies by introducing novel, automated steps for penetration testing in military contexts and isolated execution environments. The new TRITON Methodology will incorporate best practices from DevSecOps, generative AI attack strategies, and intelligent game-theoretic optimizations, enhancing the effectiveness of security assessments in defense operations.
In WP4, UBITECH leads Task 4.1 on “Knowledge Base & Persistence, Data Collection Tools, Graph-based Attack Scenarios & Reporting.” This task aims to develop a sophisticated network Attack Configuration and Emulation Engine (ACEE) that combines AI/ML techniques and emulation capabilities to simulate attacker and defender actions. By leveraging ARM’s Pentest Suite and UBITECH’s OLISTIC cybersecurity risk management suite, the ACEE will be able to identify attack paths and train Deep Reinforcement Learning (DRL) agents to discover hidden vulnerabilities.
UBITECH also leads Task 4.2 on “Model-based Weaknesses and System-based Vulnerabilities Identification.” This task integrates the TRITON Model with renowned cybersecurity databases such as MITRE CPEs, CVEs, CWEs, and NVD to identify potential threats to target systems. The task will utilize the Product and Firmware Pentesting (PFP) engine, enabling massive automated penetration testing on active products and assets. The PFP engine will employ a model-based approach, utilizing various pentesting modules to conduct vulnerability assessments across networks, systems, web apps, containers, and cloud infrastructures.
As part of Task 6.4, UBITECH will also focus on “Post-exploitation, Privilege Escalation, and Lateral Movement.” This task will employ advanced tools such as Meterpreter (from Metasploit), Empire, and CrackMapExec (CME) to simulate post-exploitation techniques, including privilege escalation, lateral movement, and domain infiltration. These tools will enhance the ability to assess and mitigate security threats in a real-world, dynamic defense environment.
The TRITON project is a critical step toward ensuring the security of defense and military networks in an increasingly complex cyber threat landscape. By developing state-of-the-art methodologies and tools for automated penetration testing, UBITECH is helping to pave the way for a more secure, resilient, and efficient defense infrastructure. “TRITON is a transformative project that brings together cutting-edge AI, machine learning, and penetration testing techniques to enhance cybersecurity in defense operations,” said Dr Sophia Karagiorgou (Head, Data and AI Research Group at UBITECH). “Our work in automating these complex processes will not only improve security but also provide military and defense organizations with the tools they need to stay ahead of evolving cyber threats.”
UBITECH looks forward to continued collaboration with its consortium partners as the TRITON project progresses over the next three years, delivering groundbreaking innovations in cybersecurity for the defense sector.