EU MITRE ATT&CK® Community Workshop – Registration is open!
The 2025 EU ATT&CK Community Workshop will take place, in hybrid format, on 15 May 2025 from 9:30am CET until 5pm CET, hosted by Eurocontrol and supported by the MITRE Center for Threat-Informed Defense and the Centre for Cybersecurity Belgium . It is organized by practitioners and for practitioners with an interest in the use of the MITRE ATT&CK® Framework in Prevention, Detection/Hunting and Response.
Draft Agenda
| 15-May | ||||
|---|---|---|---|---|
| Time CEST | Ttile | First name | Last name | Organisation |
| 9.30 | Opening and welcome | Freddy | ||
| 9.45 | How Eurocontrol uses ATT&CK | Patrick | Mana | Eurocontrol |
| 10.00 | A funny tale of an unknown technique | Vito | Alfano | CITIA |
| 10.15 | How Stolen Identity Data Fuels Cyber Threats | Mandeep | Sandhu | SpyCloud |
| 10:30 | Enhancing Cyber Threat Intel with the HVT STIX Extension | Francesco | De Chiarini | High Value Target |
| 10.45 | Risk-Based TTP Scoring for Proactive Threat Prioritization and Response | Mohammad | Makchudul | BGD e-GOV CIRT |
| 11.00 | Coffee | |||
| 11.15 | Leveraging Adversary Emulation for GenAI Red Teaming | Kennedy | Torkura | Mitigant |
| 11.30 | How to interlock MITRE ATT&CK to Risk | Neil | Jacobs | Lloyds Bank |
| 11.45 | Transl&ting Annual Threat Reports: Best Practice Guidance | Scott | Small | TIDAL Cyber |
| 12.00 | OpenTIDE the Threat-informed Detection Engineering framework | Remy | Seguy | European Commission |
| 12.15 | Clustering APT Groups for Tailored Mitigation Strategies | Efthymios | Lalas | European Commission |
| 12.30 | Break for lunch - | |||
| 13.30 | State of ATT&CK | Adam | Pennington | MITRE |
| 14.00 | Update on Attack Flow | Mark | Haase | MITRE |
| 14.15 | From Attacks to Action: An Open Community Model to Drive Defensive Choices | Phyllis | Lee | CIS |
| Curtis | Dukes | CIS | ||
| 14.30 | In the Eye of Falco - Enabling Visibility and Forensics in Kubernetes and Linux Environments | Sergej | Epp | Sysdig |
| 14.45 | Cloud Security by Default | Freddy | ||
| 15.00 | Break for coffee | |||
| 15.15 | From Stuck to Started: Agents Unblock Detection Workflows | Raj | Sharma | AttackIQ |
| 15.30 | Applying MITRE ATT&CK for threat-informed cyber insurance underwriting | Jay | Vinda | Mosaic Insurance |
| 15.45 | Applying MITRE ATT&CK for Resilience: A Lessons-Learned Approach | Lorenzo | Vacca | ISSA |
| 16.00 | ATT&CK to increase cyber resilience of National Critical Infrastructures | Giorgi | Gurgenidze | GITAC |
| 16.15 | Prioritizing ATT&CK Techniques for National-Level Threat-Informed Defence | Oleksii | Hlushkov | CERT-UA |
| 16.30 | Threat Bounty in the era of AI: LLM assisted Sigma rules and ATT&CK flows generation for Threat Informed Detection Engineering | Andrii | Bezverkhyi | Socprime |
| 16.45 | TBD | |||
| 17.00 | Closing comments | Freddy |
You can register for the event on the following link:
Registration for the 2025 EU MITRE ATT&CK Community Workshop
Please specify if you would like to attend in person or virtually. If you attend in person at the Eurocontrol premises in Brussels, you can also submit a proposal for a talk, to share your experience with the ATT&CK® Framework.
About the EU ATT&CK Community
The EU ATT&CK Community is a diverse community of practitioners including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven vendor neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.
Contact
If you want to get in touch with us, you can reach us via email info@attack-community.org.