IMDEA Software is participating in SONIC (Security Oriented Nexus for Intelligent Commodity Solutions Marketplace), a new European project that officially began on 1 January, 2026. The initiative is funded by the European Union through the European Cybersecurity Industrial, Technology and Research Competence Centre (ECCC).
As Georgios Portokalidis, Associate Research Professor at IMDEA Software and project lead at the institute, explains, SONIC was born with a clear goal: to make the deployment of advanced cybersecurity solutions in real-world environments faster and easier. To achieve this, the project is developing an operational marketplace aimed at Security Operations Centers (SOCs), where detection and incident response tasks are concentrated.
This marketplace will function as a catalog of ready-to-use cybersecurity tools that can be deployed and combined according to each organization’s needs. In this way, security teams will not have to integrate complex solutions from scratch, but will be able to configure the capabilities they require more quickly in each case.
According to Georgios, one of the key aspects of SONIC is that it does not simply group tools in isolation. The project connects all essential functions involved in security incident management within a coherent workflow. This ranges from threat detection and system monitoring to attack response, malware analysis, vulnerability identification and remediation, and support for post-incident investigations. All of this is supported by techniques that allow security data to be analyzed while respecting privacy and regulatory requirements.
SONIC Marketplace, conceived from the outset as an open and extensible platform, is expected to be the main outcome of the project. This will allow not only the integration of tools developed by the consortium itself but also third-party solutions and results from other European projects.
To this end, IMDEA Software will lead two areas of the project: malware analysis and vulnerability management, in addition to contributing to the integration and evaluation of the full set of capabilities. This will allow research advancements to be validated under near-real conditions and facilitate their adoption in operational environments.
Regarding impact, Georgios emphasizes that SONIC aims to improve the response capability against cyberattacks, particularly in critical organizations and services. Reducing deployment and reaction times can make the difference in preventing successful attacks or limiting their consequences. In the long term, the project seeks to promote a European cybersecurity ecosystem supported by a sustainable marketplace that connects providers and users beyond the lifespan of SONIC.
The project consortium is composed of several research institutions, including ATHINA – Research and Innovation Center in Information, Communication and Knowledge Technologies (ISI), the University of Cyprus (UCY), and IMDEA Software, along with industrial and technological partners such as AEGIS, UBITECH (UBI), CYMPH, Trustilio (TRUST), Axon Logic, Electi Consulting (ELECTI), Eunomia LTD (EUNL), and ADACOM SOC (ADA), the latter responsible for validating the marketplace in a real Security Operations Center.
The project is supported by the European Cybersecurity Industrial, Technology and Research Competence Centre and its members.
