Standard Alert Format Exchange for SOCs

The SAFE4SOC project (Standard Alert Format Exchange for SOCs) is an EU-funded initiative under the Digital Europe Programme, aiming to enhance cyber threat detection, response, and information sharing between Security Operations Centers (SOCs) through the use of a standardized alert format: IDMEFv2 (Incident Detection Message Exchange Format, version 2). The goal is to enable structured, secure, and automated exchange of alerts and incident data, while complying with regulatory frameworks such as the GDPR and NIS2 Directive. SAFE4SOC focuses on refining and formalizing IDMEFv2 as a recognized standard and developing open-source tools to support its real-world implementation. The project also works on building interoperable data exchange systems between public and private organizations, and on applying artificial intelligence to improve the detection and classification of cybersecurity incidents. Special attention is given to data protection, traceability of shared information, and fostering a community that promotes the adoption and evolution of the standard. Launched in January 2024 and scheduled to run until 2026, SAFE4SOC faces challenges such as ensuring scalability, validating the reliability of AI-driven systems, and encouraging broad adoption of the format across Europe’s cybersecurity landscape.