Development and Implementation of Deepye: A Threat Intelligence Platform for Attack Surface Analysis

Overview

This post presents the academic work “Development and Implementation of Deepye: A Threat Intelligence Platform for Attack Surface Analysis”, developed by Luca Ciarlo within the academic context of the University of Sannio.

The project focuses on the design and implementation of Deepye, a Threat Intelligence Platform aimed at supporting attack surface analysis through the collection, enrichment, and correlation of externally observable security evidence.

Project Context

Modern organizations are increasingly exposed through public-facing assets, misconfigured services, leaked information, and fragmented digital footprints. In this scenario, a Threat Intelligence Platform must not only collect indicators, but also help analysts transform heterogeneous data into structured and actionable evidence.

Deepye was designed with this objective in mind: to provide a modular environment that can integrate open-source and closed-source intelligence sources, normalize findings, and support risk-oriented analysis.

Main Objectives

The work addresses three practical needs:

  • mapping externally observable assets and exposures;
  • correlating intelligence from multiple sources;
  • supporting analysts in the prioritization of relevant findings.

The platform follows an attacker-centric perspective, focusing on what can be discovered from the outside before such information is exploited by adversaries.

Relevance

The project contributes to the broader discussion on Cyber Threat Intelligence platforms by connecting academic research, software engineering, and operational security requirements. It also provides a useful foundation for future work on automated enrichment, exposure scoring, and intelligence-driven risk assessment.

Candidate

Luca Ciarlo

This post is licensed under CC BY 4.0 by the author.