News

Cuatroochenta
_
develops
_
its
_
own
_
AI
_
model
_
to
_
classify
_
cybersecurity
_
alerts
_
with
_
95%
_
accuracy
_
as
_
part
_
of
_
a
_
project
_
with
_
INCIBE

Artificial Intelligence  ·  Cybersecurity

The solution has been trained using the SOC of Sofistic, the company’s cybersecurity subsidiary, with the goal of speeding up incident response.

Cuatroochenta, through its Applied Innovation department and cybersecurity subsidiary Sofistic, has developed an advanced artificial intelligence model for classifying cybersecurity alerts according to their risk level. The development is part of a project with the National Cybersecurity Institute (INCIBE), an entity under Spain’s Ministry for Digital Transformation and the Civil Service, through the State Secretariat for Telecommunications and Digital Infrastructure. The solution, which combines the latest deep learning and language analysis technologies (LLM), has demonstrated 95% accuracy in assigning alert criticality compared to manual human analyses.

«With this initiative, we position ourselves in the technological race driven by the growing need in Spain and Europe for solutions that minimize technological dependence on third parties.»

Alfredo R. Cebrián, CEO of Cuatroochenta

This model is part of the Strategic Initiative for Innovative Public Procurement (IECPI), within the framework of the Recovery, Transformation and Resilience Plan, funded by the Next Generation EU program. The new tool is fed and trained daily with a consistent, anonymized database from Sofistic’s Security Operations Center (SOC), distributed across two continents and backed by 18 years of experience in Spain and Latin America, particularly in the banking and critical infrastructure sectors. The system evaluates incoming alerts from unstructured data, identifies relevant correlations, and automates classification according to severity.

The solution prioritizes high- and critical-risk alerts so that analysts can focus on them, thus reducing response times. This was the goal pursued by the Cuatroochenta and Sofistic professionals involved in the project: Jaume Barrios (Head of AI), Nicolás Betancourt (Data Scientist), Sergi Fuster (Data Scientist), Nicolás Manero (Head of Applied Innovation), Manuel Ginés (Head of R&D at Sofistic), and Abel Herrero (SOC Team Leader). The team also collaborated with the Temporal Knowledge Bases Group (TKGB) research team from the Universitat Jaume I de Castelló, led by Professor Rafael Berlanga.

«Our model is not intended to replace existing platforms, but to complement them. After passing the first filter when they reach the SOC, the alerts are classified by our system in a way that facilitates and optimizes analysts’ work. Response time is key in managing cybersecurity alerts to minimize potential impact.»

Jaume Barrios, Head of AI at Cuatroochenta

Strategic Initiative for Innovative Public Procurement (IECPI)

Innovative Public Procurement (CPI) has become a highly useful tool for promoting innovation and competitiveness through public institutions, using the public demand for products, services, and supplies as a means to implement public policies and fulfill the mandates of purchasing entities. The IECPI by INCIBE is endowed with a total budget of €224 million, within the framework of the Recovery, Transformation and Resilience Plan (PRTR), funded by the Next Generation EU program

This initiative, implemented under Ciberinnova, is associated with Component 15, Investment 7: Cybersecurity – Strengthening the capacities of citizens, SMEs, and professionals, and boosting the sector.

The IECPI contributes to the realization of the Global Security Innovation Program, included in the PRTR through Component 15, Investment 7. It acts particularly in one of the six key industrial areas identified in milestones 245 and 453 of the PRTR: Development of high value-added solutions and services in cybersecurity.

The National Cybersecurity Institute (INCIBE), as a public entity for the development of cybersecurity — a driver of social transformation and an opportunity for innovation — decided in 2021 to explore how strategic public procurement could be used to advance national cybersecurity policies while fulfilling its mandate to promote innovation and industry. The IECPI is the result of that reflection and of a consensus reached with other public actors in the cybersecurity ecosystem. Its purpose is to implement a series of actions aimed at promoting R&D&I and fostering the creation of products and solutions in the field of cybersecurity.