1. Home
  2. Dissemination

Partner Spotlight: SPACE Hellas

1. Company Profile and Evolution

Founded in 1985, SPACE Hellas has evolved from a pioneering network service provider into a leading international Digital Integrator and Value-Added Solutions Provider. With nearly 40 years of sustainable growth, the company holds a dominant position in the high-technology arena, designing and supporting complex ICT, Hybrid Cloud, and Security solutions for the enterprise, government, and defense sectors.

Headquartered in Athens and listed on the Athens Stock Exchange, SPACE Hellas has expanded its footprint across the EMEA region with subsidiaries in five countries. The company is distinguished by its 24/7 state-of-the-art Network and Security Operations Center (NOC/SOC) and an extensive technical support network that handles over 45,000 calls annually. This evolution is underpinned by a commitment to quality and security, evidenced by a robust portfolio of ISO certifications and over 700 vendor-leading accreditations.

2. Focus on Research and Development

Innovation is a core pillar of SPACE Hellas’ strategy. The company’s dedicated R&D Department focuses on bridging the gap between niche scientific research and commercial exploitation. With a track record of participating in and coordinating over 45 European and National projects (including Horizon Europe, H2020, and EDF), the organization actively shapes the future of the computing continuum.

Space Hellas’ R&D expertise spans several critical domains:

  • Cybersecurity & Cyber Defense: Leading initiatives in threat hunting, incident response, and zero-trust architectures (e.g., PANDORA, PALANTIR).
  • Future Networks: Expertise in 5G/6G ecosystems, satellite communications, and software-defined infrastructures.
  • Smart & Secure Cities: Developing AI-driven solutions for IoT, situational awareness, and critical infrastructure protection.
  • Space Technologies: Advancing Earth Observation and satellite payload data management.

3. SPACE Hellas Role in CyberNEMO

In the CyberNEMO project, SPACE Hellas leverages its extensive experience in security orchestration to lead the development of the Computing Continuum Access Security Broker (CASB) component. Acting as a strategic technical partner, SPACE Hellas is responsible for the architectural design and implementation of this critical security layer, which ensures protected data flows across the project’s meta-Operating System.

Beyond its technical leadership in Task 3.3, the organization plays a horizontal role in ensuring system-wide interoperability. By defining the interaction between the CASB, the Event Bus, and the Intelligent Policy Decision Making (IPDM-DSS) framework, SPACE Hellas ensures that security policies are consistently enforced across diverse pilot environments. Furthermore, the company contributes its operational expertise to the project’s validation trials, ensuring that the developed security innovations are robust, scalable, and ready for deployment in real-world critical infrastructures like energy, water, and healthcare.

Read More

CyberNEMO attends the CEI-Sphere and LSP O-CEI and COP-Pilot Webinar on Privacy-Enhancing Technologies

CyberNEMO partners (Synelixis and Maggioli) attended the webinar on Privacy-Enhancing Technologies for Information Security in Edge-Cloud Applications, organized by CEI-Sphere and Large Scale Pilots O-CEI and COP-Pilot.

The webinar explored the growing challenge of securely sharing and processing data across distributed environments, from industrial platforms to smart infrastructures, where large numbers of devices, man-in-the-middle threats, and purpose limitation requirements create complex security landscapes. Protecting sensitive data today goes well beyond personal data as business data sovereignty is equally at stake.

Presentations from Fraunhofer ISST and insights from the O-CEI and COP-PILOT Large-Scale Pilots highlighted how technologies such as Federated Machine Learning (FML), Trusted Execution Environments, Homomorphic Encryption, and Zero-Knowledge Proofs can be embedded directly into system design. The “black sheep problem” in FML, identifying and mitigating malicious or corrupted participants in federated learning, is a as a shared concern directly relevant to CyberNEMO’s work on ZT-FML.

CyberNEMO identified synergies in two areas a) the Zero-Trust Federated Machine Learning (ZT-FML) and b) the use of LLMs and MCP-based architectures for privacy-aware decision support functionality.

Read More

CyberNEMO Meets IDMEFv2: Employing, Supporting and Contributing to Incident the Detection Standard

CyberNEMO project, represented by the Coordinator Synelixis and partner Maggioli, met Gilles Lehmann, lead of the IDMEFv2 Task Force, on 30 April 2026, for a focused exchange on IDMEFv2 standardisation developments and its usage in the context of the project.

In the context of IDMEFv2 standardisation effort, draft v08 has been published in April 2026 and the IETF meeting scheduled for July 2026, where the standard is seeking to advance towards an Experimental RFC status.

CyberNEMO is as one of the projects employing IDMEFv2 (link). Specifically, IDMEFv2 is used in the communication backbone between heterogeneous security detectors and the Decision Support System. By adopting a standardised, JSON-based incident description format, the project enables diverse sensors to feed alerts into a unified pipeline. The usage of IDMEFv2 across the computing continuum allows for suggestions to the standard on behalf of the CyberNEMO consortium, an effort led by partner Maggioli who provides one of the main detector AI-based Firewall as a Service.

Both sides concluded that this partnership is going to level up the standard and bring some serious momentum to the project, while this contribution is foreseen to have a significant impact on the domain and will play a pivotal role in future developments.

Read More

EC Cybersecurity cluster 3rd meeting

The CyberNEMO project was present in the 3rd meeting of the European Cybersecurity Cluster along with INTACT, CASTOR, and MIRANDA following the meeting that took place on January 16th. This strategic gathering was scheduled to review the projects’ updates since their last meetup and align the shared goals of these leading EU-funded initiatives.

Among the various topics discussed, for CyberNEMO, the presentation of the CyberNEMO Decision Support component was an important milestone. In addition, the projects demonstrated significant interest in co-organizing a workshop in Paris this fall.

The exchange was further enriched by the introduction of three new projects to the cluster: Mediate, CoCyber and GuardAI, expanding the group’s collective expertise in securing the digital landscape.

Read More

CyberNEMO Holds its 6th General Assembly in Rome

The CyberNEMO consortium is meeting this week in Rome, Italy, for its 6th General Assembly, hosted by Engineering Ingegneria Informatica.

This plenary gathering represents an important moment in the project’s evolution, bringing together partners to review progress, align on next steps, and reinforce collaboration across the consortium in the view of the upcoming 1st half review.

Discussions during the meeting focus on key areas such as AI-driven cybersecurity, risk assessment and mitigation, system integration, and validation of technologies in complex IoT–Edge–Cloud environments. The sessions also address the project’s broader impact, including dissemination, standardisation, and engagement with stakeholders.

A central objective of this General Assembly is to advance the integration of CyberNEMO components into a cohesive framework, moving from individual developments toward interoperable and scalable solutions for securing critical infrastructures.

Beyond the technical work, the meeting provides a valuable opportunity to strengthen collaboration, ensuring alignment and continuity as the project progresses toward its next milestones.

Read More

CyberNEMO Laison Activity with COcyber, CYBERACTIONING, ENSEMBLE, Resilmesh

CyberNEMO has initiated a series of liaison activities with four European cybersecurity projects COcyber, CYBERACTIONING, ENSEMBLE, and Resilmesh towards building a unified and resilient European cybersecurity landscape.

The 1st meeting took place on the 18th of March 2026, with the participation of Andreas Papadakis and Ilias Seitanidis on behalf of the CyberNEMO coordinator (Synelixis).

The activity focuses on four pillars of collaboration:

  • Joint Dissemination, broadening projects’ visibility across the European research community and beyond.
  • Synchronised Advocacy, coordinating the communication campaigns to lead the conversation on cybersecurity and defense challenges at the EU level.
  • Event Co-hosting, co-organising presentations at major industry forums and jointly hosting specialised events that showcase the projects’ collective expertise.
  • Knowledge Exchange into a cybersecurity ecosystem.

Together, the four projects bring complementary strengths: COcyber bridges civilian and defence cybersecurity communities, CyberACTIONING advances cutting-edge network security research. ENSEMBLE focuses on collaborative cybersecurity education and training and ResilMesh tackles resilience in complex networked environments.

Read More

Advancing Smart Healthcare and Cyber-Resilient Infrastructures

XGL (Xgility) is an innovative solutions provider and research-oriented IT company headquartered in Dublin, Ireland. Bringing together a highly skilled and diverse team of researchers, consultants, and IT specialists, XGL delivers a comprehensive range of services and solutions tailored to the needs of both industry and research partners. The company is distinguished by its agility, technical expertise, and forward-looking approach to technology adoption.

XGL’s core competencies span software development, IT outsourcing, AI-driven decision support systems, cybersecurity expertise, IT consulting, training, and advanced data and document management. Building on its innovation-driven approach, the company is also exploring emerging technologies such as virtual agents and large language models (LLMs) to enhance digital services, automation, and human–machine collaboration. By combining cutting-edge research with hands-on experience in the deployment and management of complex IT solutions, XGL supports organizations in their digital transformation journeys. With a strong emphasis on reliability, scalability, and adaptability, XGL has established itself as a trusted partner capable of addressing diverse technological and business challenges.

Beyond its service portfolio, XGL actively participates in research and innovation through EU-funded projects, where it contributes to the advancement of IT infrastructures, interoperability, and digital resilience. Its longstanding involvement in European research initiatives highlights the company’s ability to bridge the gap between academic innovation and industrial application, translating research outcomes into market-ready solutions through a strong commitment to research-to-market dissemination.

Within the CyberNEMO project, XGL plays a pivotal role by leading Task 5.1: Open Data Management Plan & Trials Set-up and Task 5.4: Smart Healthcare Critical Infrastructures Validation, where it provides guidelines for data management in CyberNEMO and supports the MUP pilot with technical expertise. In addition, XGL contributes to Task 3.2: Intrusion Prevention/Detection/Mitigation DSS (IPDM-DSS) and Task 3.4: Privacy Protection Enforcement (PPE). The company also leads the development of a semantically enhanced Countermeasures Repository, designed to identify and match countermeasures against emerging and existing critical infrastructure threats.

Through its expertise in cybersecurity, AI-driven solutions, and emerging virtual agent technologies, XGL reinforces the collaborative and interdisciplinary character of CyberNEMO. The company remains dedicated to driving innovation, enabling digital transformation, and delivering high-quality IT solutions that create long-term value for stakeholders across both research and industry.

Read More

Mapping Cyber Vulnerabilities to MITRE ATT&CK for Critical Infrastructure Threat Detection

How CyberNEMO is bridging the gap between risk visibility and intelligent response

In today’s hyperconnected world, Europe’s critical infrastructures (CIs) — energy, transport, healthcare, and manufacturing — form the backbone of our digital society. Yet these same systems are among the most vulnerable targets

From ransomware attacks that paralyse hospitals to supply chain breaches rippling through industrial control systems, one reality stands out: we cannot defend what we cannot understand

Why Vulnerability Mapping Matters

Traditional vulnerability scanning stops at detection — identifying weak points without explaining how they might be exploited. But true cyber resilience requires context

By mapping vulnerabilities to the MITRE ATT&CK framework — the global reference for adversarial tactics, techniques, and procedures (TTPs) — defenders can see how attackers think and operate. Each vulnerability becomes a narrative of potential attack paths, not just a static CVE entry. 

By correlating technical weaknesses (CVE/CVSS) with ATT&CK techniques, CI operators can: 

  • Prioritise what matters most — focusing on vulnerabilities exploited by active adversaries.
  • Enhance detection logic — linking vulnerabilities to ATT&CK techniques like privilege escalation, lateral movement, or data exfiltration.
  • Enable AI-driven threat prediction — modelling how small weaknesses could evolve into full-scale attack chains.

Embedding AI Closer to the Threat Surface

CyberNEMO’s approach brings AI intelligence directly to the edge, transforming how vulnerabilities are monitored and analysed in distributed systems. 

By embedding AI in IoT gateways and edge devices, threat detection becomes continuous, adaptive, and privacy-preserving. These local models evolve with each new observed attack, strengthening defences autonomously and enhancing cross-domain resilience

This shift — from centralised analysis to distributed intelligence — is key to protecting the complex, hybrid environments that define modern critical infrastructure. 

From Zero Trust to Full-Stack Protection

As CI systems increasingly span IoT–edge–cloud architectures, the attack surface expands. MITRE ATT&CK provides a shared taxonomy for identifying and analysing threats across layers — whether it’s an IoT device communicating with a suspicious domain (ATT&CK T1071) or an insider escalating privileges (T1068). 

When integrated with Zero Trust principles, ATT&CK mapping enables defenders to: 

  • Dynamically verify every entity and data flow.
  • Feed contextual intelligence into security enforcement engines.
  • Apply risk-based adaptive access control, tightening security automatically when certain attack techniques are detected.

Together, these approaches move organisations from reactive defence to proactive, intelligent protection

Collaboration and Knowledge Sharing

Mapping vulnerabilities to MITRE ATT&CK isn’t just a technical process — it’s a collaborative intelligence effort

CyberNEMO is shaping a distributed European sharing platform that empowers CI operators, CERTs, and CSIRTs to:

  • Exchange ATT&CK-aligned threat data in real time.
  • Maintain interoperability across domains and sectors.
  • Strengthen Europe’s collective cyber resilience.

By aligning on a common threat language, Europe’s CI defenders can respond faster and smarter — together. 

Building a Culture of Cyber Sustainability

Ultimately, mapping vulnerabilities to MITRE ATT&CK helps organisations do more than just patch; it helps them learn, adapt, and evolve

By connecting the technical (AI, Zero Trust, machine learning pipelines) with the human (awareness, collaboration, and shared intelligence), CyberNEMO fosters a culture of cybersecurity for sustainability — one that endures and grows stronger over time. 

The Path Forward

CyberNEMO’s work on vulnerability-to-ATT&CK mapping marks a crucial step toward AI-empowered, collaborative cyber defence across Europe’s critical infrastructure. 

It bridges the gap between visibility and action, turning fragmented vulnerability data into a living intelligence fabric that evolves with every threat. 

Because in this new era of cyber-physical convergence, context is the ultimate defence.

Read More

2nd CyberNEMO, INTACT, CASTOR, and MIRANDA European Cybersecurity Cluster online meeting

The CyberNEMO project joined forces with INTACT, CASTOR, and MIRANDA discussing the possibility of collaboration between projects meeting of the European Cybersecurity Cluster, held on January 16th. This collaborative exchange was designed to identify synergies, explore joint opportunities, and align shared goals among the participating projects. The gathering united specialists and leaders from all four initiatives, each focused on strengthening European cybersecurity through pioneering research and practical application.

CyberNEMO presented the current progress and the objectives. CybeNEMO focuses on strengthening resilience and risk preparedness across critical infrastructure and supply chains. It provides a comprehensive, end-to-end security stack—ranging from Zero-Trust Network Access to AI-driven Situation Perception, Comprehension & Protection (SPCP)—while facilitating collaborative auditing and a pan-European platform for shared threat analysis (SAAM).

As the discussions progressed, participants identified several common points for collaboration. They expressed strong interest in pursuing future joint calls and events. In this context, a cross-project event collaborative calendar was established aiming to enhance the inter-project synergy visibility through conferences and workshops that will promote the innovative work carried out by the EU funded projects in the Cybersecurity domain.

The meeting concluded with the partners planning their next actions and scheduling their upcoming meetings.

Read More