Innovative ideas. Exclusive opportunity
Cyber & Defend
Introducing the first ever Czech-Israeli cyber and defence programme focused on the future.
The CISP is designed for promising students looking to bridge the fields of IT and defence, and provides opportunities for development and collaboration in the field of cyber security.
Cyber image
Project schedule
will be announced
List of 2025 challenges from participating companies
Challenges for 2026 will be announced
CTI solution
The project focuses on defining and extracting entities relevant for Cyber Threat Intelligence (CTI) using artificial intelligence methods. Its main goal is to create a systematic taxonomy of CTI entities and design automated extraction techniques from text sources through Named Entity Recognition (NER). Typical entities include IP addresses, domains, malware, TTPs, and indicators of compromise. A key step is building a structured taxonomy that maps entities and their interrelations. Data will be collected and annotated from open sources such as APT reports, blogs, and threat feeds.
Firmware malware detection
The project addresses the problem of detecting malware in device firmware without access to source code. Firmware for routers, IoT sensors, and cameras runs on diverse architectures (ARM, MIPS, x86, RISC-V), complicating analysis. Traditional static or dynamic analysis is often impossible without source code. The proposed solution converts raw binary firmware into visual representations, such as grayscale images or entropy maps. These visuals enable machine learning models to extract distinguishing features. The approach combines convolutional neural networks (CNNs) for feature extraction with Random Forests for robust classification.
P2P quantum resistent encrypted ports
The project tackles the challenge of secure, low-power encryption for point-to-point communication in industrial environments. Many industrial systems rely on legacy Ethernet infrastructure that was not designed with modern cryptographic resilience in mind. The task is to design a hardware plugin module that can be inserted into Ethernet ports to transparently provide an encrypted line. The encryption must operate efficiently on limited resources, with minimal power consumption and latency. A critical requirement is quantum resilience
Zero trust last mile PKI cert distribution
The project aims to create a small, mobile device that securely connects to an organization’s PKI infrastructure in order to distribute certificates on the last mile. It must operate under a zero trust principle, ensuring no implicit trust is given and each action is verified. The device will use a one-time password (OTP) mechanism to authenticate and generate valid certificates. It must also have the capability to push these certificates directly into target devices onsite, even in restricted or segmented environments. The challenge is to balance strong cryptographic assurance with ease of deployment, portability, and resilience in diverse operational contexts.
Proactive Adversary Engagement & Intelligence Fusion
The project delivers a strategic, tool-agnostic planning layer that turns noisy, reactive alerting into coordinated, proactive adversary-engagement operations. Instead of replacing SIEM/XDR/EDR, the platform becomes the “coach’s playbook,” integrating with existing tools to plan hunts, design deception, manage insider/supply-chain cases, and convert activity into finished intelligence. It operationalizes the MITRE Engage methodology across the full lifecycle—Prepare, Engage, Post-Engage—so teams can consistently exploit adversary vulnerabilities rather than merely triage alerts.
Active Defense for the Identity Layer
Identity is today’s battleground: attackers don’t break doors, they steal keys, live off the land, and move silently under legitimate credentials. HEFAISTOS flips this dynamic by forging high-fidelity, counterfeit identity artifacts (users, groups, tokens, service principals, machines) and intelligently weaving them into your real AD/Entra/cloud fabric so the first malicious touch sets off a definitive, high-signal alarm. The result is shorter dwell time, eliminated alert fatigue, and immediate, environment-specific threat intelligence around attacker paths to crown-jewel assets.
SecureDevOps Guardian Framework — Safe Collaboration on Unmanaged Devices
The project delivers a comprehensive framework that lets organizations work securely with external developers on unmanaged machines—without VDI or managed endpoints—while preserving development velocity and developer experience. It focuses on preventing data leakage and detecting malicious code injections across standard Git/CI/CD workflows, embedding security from requirements through deployment and aligning with EU compliance expectations at a cost point practical for varied org sizes.
List of participating companies
