The VANTAGE EU project kicked off in Athens today, 26 February 2026, bringing together the full 14-partner consortium for the first time. After months of document exchange, remote calls, and grant agreement finalization, sitting across a room from everyone working on this platform is a different kind of useful. You cover ground faster. You surface assumptions that survived months of async communication without ever being examined.
VANTAGE — Vulnerability Assessment and Testing Automation for Global Enhancement — is a €7+ million EU-funded project under the DIGITAL-ECCC-2024-DEPLOY-CYBER-07 call. The project runs for 36 months with 14 partners across 6 EU countries. Yameveo is leading Work Package 5, which is the system integration and validation layer that has to hold all of this together.
What VANTAGE Is Actually Building
The core idea behind the VANTAGE EU cybersecurity project is automation at a level that SOC and CSIRT teams have not had access to yet. Today, incident response still depends heavily on analysts making manual decisions under pressure — triaging alerts, correlating logs, running vulnerability scans, initiating penetration tests. Each of those steps has tools. None of them talk to each other in a way that removes the human bottleneck.
VANTAGE is trying to close that gap with a single integrated platform. Multi-agent AI handles autonomous decision-making and orchestration. An automated incident investigation module handles forensics, log analysis, and event correlation without waiting for a human to start the process. A continuously running VAPT module detects vulnerabilities, validates exploitability, and keeps its exploit knowledge base updated automatically from public and private sources. The ambition is TRL 7 — not a research prototype, but a system validated in live CSIRT and SOC environments by the end of the project.
What makes this technically interesting is the self-updating component. The VAPT module is designed to autonomously pull, standardize, and integrate exploit scripts — adapting to the current threat landscape without a manual update cycle. Combined with the multi-agent AI layer that orchestrates decisions across the platform, this is closer to an active defense system than a collection of scanning tools.
Why European Cybersecurity Needs This Now
The regulatory context is not incidental to this project — it is part of the design brief. NIS2 has raised the baseline obligations for operators of essential services across the EU. The EU AI Act introduces compliance requirements for any AI system used in high-risk contexts, which a platform making autonomous security decisions clearly is. GDPR adds another layer for anything touching personal data in forensic investigations.
Most existing VAPT and incident response tooling was built before any of these regulations existed in their current form. VANTAGE is being designed with those constraints baked in from the start, not retrofitted. That is a real differentiator for CSIRTs and SOCs that need to demonstrate compliance, not just operational effectiveness.
The pilot structure reinforces this. Two operational CSIRT and SOC environments — ARNES/SI-CERT (national CSIRT, Slovenia) and Cordoba Networks (private SOC, Netherlands) — will run the platform against real conditions in the final phase of the project. The validation scenarios are concrete: introduce vulnerabilities and measure whether the platform finds and exploits them autonomously; simulate incidents and measure investigation time and attribution accuracy; run the AI chatbot against live SOC workflows and compare its performance against the human baseline. These are not controlled lab scenarios.
Where Yameveo Fits
Yameveo leads WP5, which covers system specification, integration requirements, and end-to-end validation. In a project where six other work packages are building components that all have to interoperate, WP5 is where the overall system contract gets defined and tested. We are responsible for translating what operators actually need into formal requirements, then verifying that what the platform delivers matches those requirements at system scale.
Beyond WP5, Yameveo contributes backend programming to the AI orchestration layer, the incident investigation modules, and the VAPT components. That spread is deliberate — being close to the component-level implementation means WP5 integration and testing work is informed by how the pieces actually behave, not just how they are specified.
A new task announced at the kickoff is worth noting: an assessment of human factors and analyst cognitive load, looking at how the platform performs under real operator conditions rather than benchmark conditions. That question matters more than it sounds. A platform that works in testing but overwhelms analysts in production has not solved the problem.
The Consortium and What Comes Next
Fourteen organizations across six countries. Universities from Denmark, Italy, and Spain provide AI quality assurance and academic rigor. National CSIRTs provide operational grounding and pilot environments. Security-focused SMEs build the platform components. Diadikasia Business Consulting (Greece) coordinates the whole project, with INFRA AI serving as technical director.
Day 2 moves into technical workshops — deeper working sessions on the AI layer, incident investigation, VAPT, and a joint session on integration and pilots that Yameveo is co-leading with JSI. The first six months are foundation: governance plan, ethics and compliance report, and the initial AI framework design are all due before month six. For WP5, that means systematic gap analysis and requirement collection starting now — the architecture specification work follows from that.
The grant agreement was signed in December 2025. The consortium agreement followed in February. Work started 1 January 2026. The kickoff is the formal alignment point, but the work was already moving before we arrived in Athens. Today made it real in a different way.
Funded by the European Union (VANTAGE — DIGITAL-ECCC-2024-DEPLOY-CYBER-07). Views and opinions expressed are those of the author only and do not necessarily reflect those of the European Union or the European Commission.