OpenUEBA

Over the last few years, Artificial Intelligence (AI) has become a strategic and driving force in the fight against fraud and cyber threats, providing analytics on large volumes of data and improving decision making.

Open User and Entity Behaviour Analytics (OpenUEBA) has developed an AI engine that allows the automatic ingestion of heterogeneous logs of entities and users to define behavioural patterns in the network and to calculate exposure to specific threats. In particular, the AI engine allows modelling users through reference profiles that characterise legitimate user behaviours and enables cybersecurity professionals to focus their efforts on those users with risk patterns that make them more likely to be affected by a specific threat.
OpenUEBA is the first data-driven, data-agnostic, open source framework that provides out-of-the-box UEBA techniques, integrating threat intelligence information.

Characteristics

  • Multimodal data ingestion: OpenUEBA analyses data of different types such as network logs, devices, applications…
  • Threat Intelligence: Threat characterisation from multiple intelligence sources
  • Actionable results: Explainable results for agile decision making

Benefits

  • Shifts from a reactive to a preventative methodology to reduce the attack footprint.
  • Massive data analysis using AI algorithms, allowing a higher accuracy rate compared to expert systems.
  • Open Source, modular and easy to integrate with other tools.

The detection approach is behavioural: it analyses user and entity patterns and is divided into three components, whose results allow users to be classified according to their degree of vulnerability to a threat:

  • User profile: a vector of characteristics representing the user’s current and past behaviour.
  • Threat profile: Kill-chain mutations are calculated from threat intelligence sources.
  • Exposure calculation: a ranking of the users most vulnerable to threats.

Environment

AI4CYBER

Laboratory dedicated to innovation and development in Artificial Intelligence and Cybersecurity. The laboratory has cutting-edge computing and security mechanisms that enable research into new technologies.

Technical specifications

High-performance private cloud environment with two isolated computing clusters to manage and analyse large amounts of data using GPUs.

Applications/Services

AI4Cyber is dedicated to knowledge generation, offering researchers tools to develop projects and new techniques in the fields of advanced digital technologies.