DAGIA: Threat Detection and Adaptive Incident Management

Duration of the project:
July, 2023 –
June, 2026
Funded by
Project Manager
inLab FIB Team:
Areas of expertise involved in the project
DAGIA: Threat Detection and Adaptive Incident Management


The overall objective of the project is the development of a threat detection and incident management module for ICT infrastructures that learns from the behavior and structure of the infrastructure in which it is installed and adapts cybersecurity technologies based on Machine Learning rules and algorithms to provide maximum performance for an organization.

The project will generate a knowledge base of the behavior and structure of the infrastructure it monitors through the events collected by different agents distributed in this infrastructure, to train a Machine Learning model that will automatically adapt the technologies of a SOC with the aim of reducing the output of false positives in the alert system.

The innovation provided by this solution is the adaptation of technologies based on artificial intelligence, not only to the filtering of events, but also to improve the correlation of these and their visualization for the user.

This solution will allow users to manage the cybersecurity of their infrastructure in a simple and automatic way, without the need for technical knowledge or complex interfaces.

The development of this project will be carried out by the consortium formed by the following members:


inLab FIB participates in this project by providing technical expertise in the areas of Machine Learning, cybersecurity and design and deployment of cloud infrastructures:

  • Support in the definition of the system architecture and resolution of critical points.
  • Support in the design and modelling of Machine Learning algorithms, with the aim of improving threat detection in distributed systems.
  • Development of key parts within the infrastructure, in particular in the cloud.


The DAGIA project is a proposal submitted and won by the company ITALTEL S.A., at the national institute of cybersecurity (INCIBE) and which is part of the research and development services in the field of cybersecurity.