Secure Information Sharing Sensor Delivery Event Network


SISSDEN will improve the cybersecurity posture of EU organisations and citizens through the development of increased situational awareness and the effective sharing of actionable information. SISSDEN builds on the experience of The Shadowserver Foundation, a non-profit organisation well known in the security community for its successful efforts in the mitigation of botnets and fighting malware propagation. SISSDEN will provide free-of-charge victim notification services, and work in close collaboration with Law Enforcement Agencies, national CERTs, network owners, service providers, small and medium-sized enterprises (SMEs) and individual citizens.

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 700176. More info..

Latest Blog Posts

T-POT integration to SISSDEN collaboration

Running the latest T-Pot as a vetted SISSDEN user? You can now contribute your data to SISSDEN! For the last couple of years, T-Pot , the docker-based open source honeypot platform developed by our partner Deutsche Telekom (DTAG), evolved as one of the most successful honeypot platforms, not o...


Finding Perpetrators behind DDoS Attacks

Finding Perpetrators behind DDoS AttacksReflective Amplification Denial-of-Service attacks continue to be a serious threat. We measured roughly 10,000 attacks per day in a post last year, and the numbers have not gone down since: In the first two months of 2019 our honeypot network already saw...


An overview of the SISSDEN honeypot sensor network architecture

The primary data collection mechanism at the heart of the SISSDEN project is a sensor network of honeypots. The sensor network is composed of VPS provider hosted nodes and nodes donated to the project by third-parties acting as endpoints. These VPS nodes/endpoints are not the actual honeypots themse...


Project overview

SISSDEN is a Horizon 2020 project aimed at improving the cybersecurity posture of EU entities and end users through the development of situational awareness and sharing of actionable information. It builds on the experience of The Shadowserver Foundation, a non-profit organization well known in the security community for its efforts in mitigation of botnet and malware propagation, free of charge victim notification services, and close collaboration with Law Enforcement Agencies, national CERTs, and network providers. Check out the architecture overview.

Contact and Collaborations

The project addresses the security concerns of wide range of stakeholders, such as National CERTs, Internet Service Providers (ISPs), Law Enforcement Agencies, EU and non-EU Citizens, Academic and Private Industry Researchers, The European Commission, and Industry partners (large and small).

One of the main goals of the project is community collaboration.

We are seeking partners interested in:

  • Deploying sensors, providing IP space, VMs or physical servers in support of the project
  • Willing to contribute new honeypot/sensor technologies that can be deployed as part of the project
  • Providing third party feeds that could be integrated with SISSDEN or help enrich curated data
  • Collaborating on academic research on the curated data set

We are open to colaboration with Law Enforcement initiatives with data on malware and botnet activity. An example of one such current initiative is the Criminal Use of Information Hiding Initiative.

Interested partners should send a mail to

We are also open to any other collaboration proposals and will be happy to answer any questions about the project.