Contributed to both EU-SEC (European Security Certification Framework) and MEDINA (continuous audit-based certification for cloud), spanning 2017–2023.
FABASOFT AUSTRIA GMBH
Austrian cloud software company contributing industry expertise to EU cloud security certification and Cybersecurity Act compliance research.
Their core work
Fabasoft is an Austrian commercial software company based in Linz, known in the enterprise market for cloud-based content management and document workflow platforms. In the H2020 context, they appear as a third-party technology contributor to EU cybersecurity research — providing their cloud platform or operational expertise to consortia developing security certification frameworks for cloud services. Their two projects center on how cloud providers can achieve, demonstrate, and continuously maintain compliance with EU-wide security standards, including the EU Cybersecurity Act. Rather than conducting foundational research, Fabasoft brings the perspective and infrastructure of an actual cloud service operator into certification research.
What they specialise in
MEDINA project explicitly targets continuous auditing and certification pipelines, areas directly relevant to Fabasoft's cloud platform operations.
MEDINA keywords include direct reference to the Cybersecurity Act, positioning Fabasoft within EU regulatory compliance research for cloud services.
MEDINA lists smart contracts as a keyword, indicating involvement in blockchain-based mechanisms for automated trust and certification — a newer angle in their portfolio.
How they've shifted over time
In their first H2020 engagement (EU-SEC, 2017–2019), Fabasoft was involved at a broad, framework-level — contributing to the conceptual design of a European security certification architecture, with no specific technical keywords recorded. By 2020 (MEDINA), their engagement became markedly more technical and regulatory-specific: cloud certification schemes, continuous auditing, Cybersecurity Act alignment, and smart contracts all appear. This shift suggests Fabasoft moved from early-stage framework input toward hands-on technical implementation and compliance tooling as EU cybersecurity regulation matured.
Fabasoft is deepening its engagement with automated, regulation-driven cloud certification — making them a useful industry partner for any consortium building certification tooling under the EU Cybersecurity Act or ENISA frameworks.
How they like to work
Fabasoft participates exclusively as a third party — not as a formal consortium member — which means they contribute proprietary technology, platform access, or operational expertise without taking on grant administration or project leadership. This pattern is consistent with a commercial vendor providing their cloud infrastructure as a testbed or reference implementation for research consortia. With 19 partners across 11 countries from just two projects, they join large, multi-national consortia rather than small bilateral collaborations, suggesting their contribution is valued but scoped.
Despite only two H2020 projects, Fabasoft has engaged with 19 distinct consortium partners across 11 countries — reflecting participation in large, internationally distributed security research consortia. No geographic concentration is evident, which is typical for EU-wide cybersecurity policy projects.
What sets them apart
Unlike the universities and research institutes that dominate cybersecurity certification consortia, Fabasoft is a commercial cloud operator — which gives them the rare ability to contribute real-world deployment constraints and operational data to certification research. Their third-party model suggests they offer something tangible (a live platform, proprietary tooling, or compliance infrastructure) that research partners cannot replicate themselves. For consortium builders, this makes Fabasoft a credible industry voice on whether proposed certification standards are actually implementable at scale.
Highlights from their portfolio
- EU-SECEarly entry point into European-level security certification policy — a foundational project that shaped ENISA's cloud certification approach, giving Fabasoft visibility at the EU regulatory level.
- MEDINAMost technically ambitious engagement, combining continuous cloud auditing, smart contract-based certification, and Cybersecurity Act compliance in a single framework — directly relevant to cloud providers facing EU regulatory obligations.