Day two of the VANTAGE kickoff in Athens. The morning session belonged to WP5 — our workpackage. Fourteen partners in the room, coffee going cold, projector warm. This was the moment to show the consortium what Yameveo had been building and how we plan to run WP5 over the next 36 months of this €7+ million EU-funded cybersecurity project.
What WP5 Is Actually For
WP5 covers functional, operational, and testing requirements for VANTAGE — the connective tissue that links the AI modules (WP2), incident investigation (WP3), and VAPT platform (WP4) into something coherent. As WP5 lead, Yameveo is responsible for defining the architecture that makes all of it work together. That means collaborating closely with CERTH, INFRA, Haxor AI, SI-CERT-ARNES, and the rest of the consortium to agree on interfaces, testing methodology, and integration standards before each workpackage builds in isolation.
To make that coordination real from day one, we structured everything in ClickUp: one space per workpackage, folders per task (T5.1, T5.2, T5.3), deliverable tracking, meeting cadences locked in. Monthly full WP5 calls plus a dedicated monthly per task. It sounds administrative, but on a 14-partner EU project across six countries, structure is what keeps work from drifting.
The Two Proof-of-Concept Demos
We did not come to Athens with slides and promises. We brought working code. Two proof-of-concept systems, both already running, built to validate our architectural assumptions before the formal work begins.
POC 1 — Microservices Scanning Platform
The first POC is a file-based, event-driven security scanning platform. A gateway layer receives scan requests and routes them to isolated security modules — one each for vulnerability assessment, web assessment, and system analysis. Jobs move between modules via the filesystem rather than through a message broker. The approach is intentional: it keeps the system crash-resilient and auditable. Output is structured scan reports delivered back to the requester.
The design choice to avoid complex messaging infrastructure came from practical experience. In a security context, you want clear handoffs you can inspect and replay. A job sitting on disk is harder to lose than an in-memory event.
POC 2 — AI-Powered Report Chatbot
The second POC addresses a real pain point for SOC analysts and CSIRTs: vulnerability reports are long, dense, and hard to navigate quickly. We built an AI-powered chatbot that lets analysts ask questions about their scan reports in plain language and get answers grounded in the actual document content.
The system runs entirely on-premises — no cloud API calls, no data leaving the environment. That matters when you are handling vulnerability data for critical infrastructure operators. The AI components are self-hosted, which means the system can operate in air-gapped environments if needed. Each analyst’s data is isolated: their reports, their chat history, their context — kept separate at every layer.
Both POCs are built around standardised API contracts throughout. On a project where multiple teams across multiple countries need to integrate their modules, a shared interface specification is not optional — it is what makes integration possible without weekly debugging calls.
What Comes Next
The next two months (M2–M3) are about establishing the operational rhythm: monthly meetings scheduled, end-user requirement templates circulated to ECSO partners including SI-CERT-ARNES, and a progress and blockers tracker in place for CERTH, INFRA, and Haxor AI.
By M3–M6, the goal is a completed gap analysis draft, formalized architecture documentation, a defined testing methodology framework, and the first round of end-user requirements collected. That last point is important — VANTAGE is being built for real SOC operators and CSIRTs, and their input shapes every architectural decision we make in WP5.
Athens was two days of dense technical and organizational work. The kickoff format worked: getting all 14 partners physically in the same room, walking through each workpackage, surfacing dependencies early. We leave with a clearer picture of what the consortium expects from WP5, and the consortium has a clearer picture of where Yameveo is taking the architecture.
Next update will come once the monthly cadence is running and the first requirement templates are back from the field. If you are working on EU cybersecurity infrastructure and want to understand how VANTAGE fits your context, reach out: hello@yameveo.ai