SMESEC aims at providing a unified security framework for Small Medium Enterprises (SME). SME’s are one of the most important drivers for innovation, but they often tend not properly to plan their cybersecurity defence, either by underestimating the risks and consequences of cyber attacks or by not being capable of keeping pace with the progress in this ever-evolving field. New threats appear on a daily basis, and SMEs are usually unready to protect their IT assets and therefore the business continuity.


SMESEC Unified cybersecurity solution

The main goal of SMESEC is to identify what are the needs from the SME perspective and translate them into requirements for a unified framework, which will eventually consist of the SMESEC partners’ contributed products. The products can cover a wide range of security market segments, and it is expected that the unification will bring even higher added value to the products and the Framework.

Visualization of SMESEC products in the security market


Training Courses & Material Training Platform

Interactive training courses. is an online platform for creating and managing interactive training courses using real infrastructures and testbeds (servers, computers, networks etc.). Contrary to other e-learning platforms, focuses only on cybersecurity. All hosted courses are created by experts from security companies and institutes around Europe and include training material for many different security topics and levels of expertise.


Hosts courses that are open to the public or made available privately to selected registered users.

Provides course managers with the ability to create their own space, host their own private or public courses to present a personalized training experience to their users.

The training courses can be executed directly in or exported to be inserted in other learning management systems (e.g. Moodle).

I learned the basics of Spam and Phishing.

Amalia Kakaroumpa, Myrtian Blue Events

I created a full list of courses to train my employees.

Alexis Pantziaros, In4Capital

Detection & Alerting

Security Information and Event Manager XL-SIEM

Real-time alerts for securing the SME.

The SMESEC XL-SIEM is a platform for collecting cybersecurity alerts and deviations from correct behaviour in a system. The information comes from the correlation of several monitoring tools focusing in different areas of the target system. The tool provides real-time analysis of the alerts and information about them in an easy and accessible way. In contrast to other SIEM tools the XL-SIEM guides end-users with concrete and actionable recommendations of what to do against specific alerts and protect better their organization.


Provides total control for creating relevant alarms and full event history.

Lets the user aggregate different sources of SMESEC input data to provide a good insight of attacks.

Recommendations guide the user to the right tools and actions to be performed.

For the first time, I felt to be in control.

Rodrigo Diaz, ATOS

It was easy to understand what happens and take immediate action.

Olmo Rayón, WorldSensing

Training Courses & Material

Cybersecurity Coach CYSEC

Assess, plan, and track improvements in cybersecurity.

CYSEC provides SMEs with the ability to assess, plan, and track improvements in cybersecurity in a simple, do-it- yourself fashion. For an SME that is aware of cyber risks, CYSEC offers easily understandable cybersecurity advice and offers a personalized, self-adaptive journey of building cybersecurity capabilities to protect the SME. For the open cybersecurity expert community serving SMEs, CYSEC gives insights into how cybersecurity practices are adopted and a channel for helping SMEs to solve their difficult challenges.


The what, why, and how for each cybersecurity improvement in the SME.

Recommends the next step in the SME’s improvement journey.

Awards badges that certify your SME’s achievements in getting protected.

CYSEC gave us holistic awareness about cybersecurity.

Andreas Last, GridPocket

The CYSEC tool provided valuable insight into the security level of the company by just doing a quick survey.

Jordi Cucurull, Scytl

Detection & Alerting


AI and heuristics for comprehensive protection of workstations and servers.

SMESESC GravityZone from Bitdefender gives small and medium-sized companies a unified approach to security management that addresses the scalability and performance challenges your organization is facing today. GravityZone is architected from the ground up to unify security control over virtualized, physical, and mobile environments. It protects all the things that keep your business going: workstations, servers, mailboxes and mobile devices. It is incredibly easy to install and light on your resources.


Comprehensive security and efficient management with layered protection for the SME’s endpoints.

Artificial intelligence and machine learning perfected for best protection and best performance.

Web-based security for full control and enhanced business productivity.

I now spend less than one hour a month on security because GravityZone takes care of almost everything.

Denis Muckensturm, Les Jardins de Gaïa

It’s an additional layer of security that protects us from the most advanced attacks.

Simon Gassmann, Quilvest Switzerland

Detection & Alerting

Early Warning Intrusion Detection System EWIS

Light intrusion detection that is also able to attract attacks away from the systems.

EWIS is a honeypot-based intrusion detection solution tailored for SMEs. It can run in parallel with the real system, attracting attacks away from the SME’s systems. EWIS also provides a graphical interface visualizing the events that are captured by our sensors, this interface is part of the final SMESEC framework.


Emulates production services like the ones SMEs are using.

Non-intrusive detection of malicious network events.

Visual representation of real-time and passed network events.

I gained new insights into the overall security events in the system.

A Greek company in the defence sector

It was easy to retrieve and query for security events.

Christos Tranoris,

Detection & Alerting

Citrix Application Delivery Controller

Complete visibility and control over the web traffic.

SMESEC partially integrates the industry-leading Citrix Application Delivery Controller, which provides solutions for granting SMEs the visibility and control they need over encrypted traffic, thus ensuring compliance with their privacy, regulatory, and acceptable user behaviour. To keep users safe inside an organization, all communications must be inspected, not just clear-text traffic. Without, organizations are at risk from attacks: Hackers can infiltrate malware and steal data across multiple endpoints in the guise of encrypted traffic.


Selectively decrypts traffic according to URL category, reputation, or customer list.

Blocks malicious websites such as malware, spam, and phishing sites.

Analytics, visibility, and reporting for communication networks and user data.

We could see issues right away and address them proactively.

Christos Tranoris, Swiss ABB unit

With Citrix, giving users access was as simple as checking a box, and it all worked.

Ayd Asraf, Aramex

Protection & Response

IBM Anti-ROP Compiler Plugin

Protect software with the moving target defense technology.

IBM Anti-ROP Compiler Plugin (Shakedown) allows compiling a C/C++ program with binary shuffling enabled so that the resulting executable is different for each build. The shuffling prevents buffer overflow and ROP attacks scale out: an exploit that targets one instance of the application will not successfully execute on other instances.


No modifications to project’s source code is required.

Generates many versions of single binary executable, all different in binary layout but identical in functionality.

Performs different types of randomizations to make it difficult for the attacker to circumvent.

We successfully used it on industrial IoT devices.

Olmo Rayón, Worldsensing

A simple compiler wrapper allowed me to do the shuffling.

Olmo Rayón, Worldsensing

Protection & Response

Test-as-a-Service TaaS

Automated security testing for IoT.

The TasS (Test as a Service) allows SMEs to develop standards-based interoperable and secure products with short time-to-market and low engineering and financial overhead. TaaS offers capabilities to verify and validate the potentiality of vulnerabilities related to oneM2M and LoRa security requirements. Our motivation is to meet the market requirements related to sensors and IoT platforms domain. For example, TaaS analyzes the LoRa network stack for the susceptibility of LoRa devices to different types of attacks using commercial-off-the-shelf hardware and execute the appropriate security test cases.


Automated on the shelve security testing.

Non-regression report.

Instant security problem detection.

We saw the improvement of our product security after each testing phase.

Samuel Dupont, Bioceanor

The automated cloud-based testing procedure allows me to continue working while the tests are executed.

Bruno Legeard, Smartesting

How secure is your company? Head to the Member section!


Not just an IT solution

Cybersecurity is somewhat like quality management. Slightest changes may affect the security of a product. Not only the product itself is defining the level of security achieved. Surrounding effects such as shared infrastructures, changing regulatory environments, shifted public perception, or new threats are factors too which may have a drastic impact on the security of a system.

The improvement or maintenance of a certain security standard is thus a demanding task for an SME. Keeping track of the parts is very hard as there is often not enough expertise within the company to identify all weaknesses of the product. SMESEC aims here to give a framework enabling SMEs to keep track of all relevant parts and support them in analysis and scoring.

SMESEC helps SMEs become aware of threats and build capabilities to counter these threats with a threat-oriented incremental approach. The threat-orientation ensures that the SME understands the value of the actions that SMESEC encourages. The incremental approach ensures that capability-building is lightweight and the SME is under control of when to stop.

SMESEC capability improvement process: capability and manageability improvement

An SME-friendly solution


innovation items to be developed in the project should decrease the usual complexity level of security tools, making them more attractive for adoption by the SMEs. The complexity term refers to usability, but also the installation and updating requirements of these tools.


SMESEC solutions should provide better or at least comparable level of cybersecurity protection to the offered by the available solutions in the market.


Since one of the main entrance barriers of cyber-security solutions in the SMEs ecosystem is the budget constraints, any incremental innovation must keep costs low.

Training and awareness

apart from the technical aspects, SMESEC wants to evangelise the importance of cyber-security protection among SMEs. Innovation road-mapping will also consider the development of supporting material to attain this non-technical objective.