Sandia Labs FY22 Laboratory Directed Research & Development Annual Report


R&D 100 Award Winner

AUTOMATED THREAT ESTIMATOR FOR NETWORKS AND APPLICATIONS (ATHENA): CYBER ANALYSIS PLATFORM

ATHENA is an analytic platform that fuses data collected from several disparate sources (e.g., deep packet inspection data, Zeek data, routing tables, device configurations, user asset inventories, organization information, etc.). The current focus of ATHENA is enterprise network architecture and device configuration data. The platform enables users to quickly access and correlate data describing near-real-time network architecture and device configuration. This data includes device inventory, network topology, device description including MAC and IP addresses, manufacturers, operating system details, system subnetting, inventory of connected end-point addresses, situational awareness, and configuration changes. ATHENA is highly extensible in the types and specific data queries it can execute. Elements of ATHENA were derived from the Automated Threat Modeling for Cyber Security Analytics and Emulation LDRD project. (PI: Vince Urias)


Vince Urias, PI for the Automated Threat Estimator for Networks and Applications R&D 100 winning project (Photo by Randy Montoya)
