EU MITRE ATT&CK® Community Workshop

The eleventh EU MITRE ATT&CK® Community Workshop was organised in hybrid format on Friday 26 May 2023, hosted by the Centre for Cybersecurity Belgium. The slide decks from the presentations are available at: Slides from the eleventh workshop.

Agenda

26-May

| Time CEST | Title | First name | Last name | Organisation |
| --- | --- | --- | --- | --- |
| 10.00 | Welcome from CCB | Miguel | De Bruycker | CCB |
| 10.10 | Opening and welcome | Freddy | | |
| 10.20 | We need your help! | Kevin | Holvoet | CCB |
| 10.40 | MITRE ATT&CK for Incident Response Reporting | Björn | Vanneste | Checkpoint |
| 11.00 | Early Lessons from Cloud Incidents | Anna | Chung | Palo Alto |
| 11.20 | Practical investigations and Threat Hunting with Top ATT&CK | Marvin | Ngoma | Elastic |
| 11.40 | Mapping MITRE ATT&CK and D3FEND to the ECSF for cyber range scenario generation | Sebastien | Dupont | CETIC |
| 12.00 | Use-Case of Cybersecurity requirements, mapping Mitre ATT&CK for ICS on STRIDE for Transportation | Olivier | de Visscher | Expleo |
| | | Jean-Sebastien | Servaye | Alstom |
| 12.20 | Everything Everywhere All at Once: From Threat Scenarios to Detection - powered by ATT&CK | Hong-Gie | Ong | ING |
| 12.40 | Break for lunch | | | |
| 13.30 | State of ATT&CK | Adam | Pennington | MITRE |
| | | Charissa | Miller | MITRE |
| 14.00 | Roadmap for Advancing Threat-Informed Defense | Jon | Baker | ENGENUITY |
| 14.20 | Detection Engineering R&D at the Center for Threat-Informed Defense | Roman | Daszczyszak | ENGENUITY |
| 14.40 | ATT&CK Sync – Staying current with the ATT&CK releases | Roman | Daszczyszak | ENGENUITY |
| 15.00 | Analysing Sigma rule sets with MITRE ATT&CK | Thomas | Patzke | |
| 15.20 | >10,000 Sigma rules + ATT&CK x ChatGPT = Uncoder A.I. | Andrii | Bezverkhyi | Socprime |
| 15.40 | Break for coffee | | | |
| 16.00 | Integrating Sigma into Splunk Security Content | Patrick | Bareiss | SPLUNK |
| 16.20 | Using Open Standards to Represent, Detect and Respond to Adversary Behaviors | Charles | Frick | Johns Hopkins University |
| 16.40 | Pattern-of-life analysis of C2 hosts focusing on MITRE ATT&CK Pre-Compromise phase | Matt | Lembright | Censys |
| 17.00 | ATT&CK with Confidence | Eireann | Leverett | Tidal |
| 17.20 | Closing comments | Freddy | | |

About the EU ATT&CK Community

The EU ATT&CK Community is a diverse community of practitioners, including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations, whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven, vendor-neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.

Contact

If you want to get in touch with us or join the mailing list, you can reach us by email at info@attack-community.org.