- Acronym:
- PUCHACZ
- Full name:
- PUCHACZ – Platforma Uzyskiwania CHarakterystyk Adwersarzy i CyberZagrożeń
- Logotype:
-
- Duration:
- 01.01.2026 - 31.12.2028
- Aim:
-
The aim of the PUCHACZ project is to create an integrated research and operational platform supporting the acquisition, correlation, analysis, processing, and exchange of cyber threat intelligence. The platform will provide an environment for conducting advanced research and executing operational activities in the field of cybersecurity, supporting security monitoring processes, incident analysis, identification of cyberattack campaigns, and the development of knowledge about adversary tactics.
The solution will leverage modern analytical mechanisms, artificial intelligence technologies, and tools automating the processing of large volumes of data from diverse sources. This will enable improved threat detection effectiveness, forecasting of potential attack vectors, support for security teams (SOC, CERT, CSIRT), and enhanced cyber resilience of organizations and critical infrastructure.
The PUCHACZ project assumes the establishment of three complementary research laboratories which, despite having distinct areas of specialization, will function as a single integrated ecosystem. Collaboration between the laboratories will create a synergistic effect, where the results of one laboratory's work will form the basis for the development and refinement of solutions created by the other teams.
Laboratory 1 – Efficient collection of information on active
Laboratory 2 – Building knowledge about adversaries (CTI)
Laboratory 3 – Artificial intelligence in cybersecurity applications
A key element of the project will be the utilization of the experience and competencies of the expert teams engaged by the consortium members. These competencies cover the fields of cybersecurity, artificial intelligence, data analysis, CERT/SOC services, and the construction of advanced IT systems. The project will also utilize existing high-performance computing resources, data storage infrastructure, and specialized research environments available to the consortium partners. As a result, the project will deliver a modern platform enabling research, testing, and deployment of new cybersecurity technologies, supporting the development of national competencies in cyberspace protection, and increasing the capacity to identify, analyze, and counteract contemporary digital threats. - Role of
ACC Cyfronet AGH: - ACC Cyfronet AGH is responsible for building the Cyber Threat Intelligence (CTI) environment, a central platform that integrates threat data from incident reports, attack databases, and OSINT sources, transforming it into actionable adversary intelligence for Laboratory 2. The platform automatically generates and updates blocklists, synchronized with firewalls, IDS/IPS systems, SIEM/XDR solutions, and PUCHACZ project tools, thereby enhancing threat detection effectiveness and reducing incident response times.
- Project value
(total project cost): - 287 062 262,29 zł
- European Funds
contribution: - 175 735 322,31 zł
- Contact:
-
Krzysztof Niziołek
e-mail: krzysztof.niziolek (at) cyfronet.pl
phone:: (+48) 12-632-33-55 w. 309
