S2 Grupo and the CCN create a pioneering cyberattack analysis tool for the early detection of cyberthreats in Spain

02 Jul 2019
2 Minutes of reading


  • Under the name of "GLORIA", experts from S2 Grupo and the National Cryptological Center have developed a platform that is defined as the fundamental tool to combat the action of cybercrime through the early detection of possible cyberthreats.
  • This initiative is a sign of the country's commitment to the development and evolution of national cybersecurity capacity, a fundamental feature for technological independence from other countries. 

Valencia, July 1, 2019.- The Valencian company S2 Grupo and the National Cryptological Center have collaborated for the development of GLORIA, a cyberattack analysis tool with artificial intelligence capabilities, a pioneer for the early detection of cybersecurity incidents in Spain. "This new project created together with the NCC team is of great relevance because it has led to the implementation of a platform that has improved and advanced in the early detection of a possible cyberattack and the response time is essential to avoid its consequences", said José Rosell, managing-partner of S2 Grupo. "We must also bear in mind that this initiative shows our country's commitment to the development and evolution of national capacity for monitoring and detecting of cybersecurity incidents. And this is fundamental if we want to achieve technological independence from other countries such as the US", said Miguel A. Juan, managing partner of S2 Grupo. "GLORIA, has been constituted as the fundamental tool for the definition of the necessary intelligence that allows the early detection of threats and, in addition, as a result of this collaboration between the NCC and S2 Grupo, the General State Administration will have a tool without cost of licenses, with all the necessary functionalities for the management of an incident response center (CSIRT). This means that the Public Administration will improve qualitatively its cyber-protection against the possible action of cybercriminals ", explained the NCC. About GLORIA, the cyberattack analysis tool GLORIA is a platform for managing cybersecurity incidents and threats through complex event correlation techniques. In other words, artificial intelligence has been applied for the early detection of possible cyberthreats complicated to detect through systems used so far by the way of they operate. This tool is based on the SIEM (Security Information and Event Management) systems and goes one step beyond the monitoring, storage and interpretation of the data considered relevant, from the cybersecurity field. In fact, it has incorporated complex correlation techniques from various sources of events and pattern analyses for the identification of anomalies, which allows a very flexible orientation in the surveillance of the world connected to the Internet. Through different modules, GLORIA allows the following functionalities:

  •  IT/OT monitoring and collection of cybersecurity events - these are network-based (NIDS) and host-based (HIDS) "intrusion detection" systems, automatic vulnerability analysis systems, traffic analyzers and a set of connectors that allow activity logs to be obtained from any system or device that is connected to the Internet.
  •  Intelligence.- through complex event correlation techniques that serve as the basis for the development and parameterization of events.
  •  Service management.- with a single alert and incident management console that collects all the automatic alerts generated by the correlation system.
  • For the improvement of complex event correlation techniques, it is especially necessary to integrate the capabilities of SIEM (Security Information and Event Management), incident notification and, of course, cyber-intelligence. In this way, GLORIA allows the reduction of the manual and repetitive work of cybersecurity analysts in the processes of detection and response to incidents and considerably shortens the reaction time when a cyberthreat appears.

More information: