EU MITRE ATT&CK® Community Workshop
The eleventh EU MITRE ATT&CK® Community Workshop was organised in hybrid format on Friday 26 May 2023, hosted by the Centre for Cybersecurity Belgium. The slide decks from the presentations are available at: Slides from the eleventh workshop.
Agenda
26-May | | | | |
---|---|---|---|---|
Time CEST | Title | First name | Last name | Organisation |
10.00 | Welcome from CCB | Miguel | De Bruycker | CCB |
10.10 | Opening and welcome | Freddy | | |
10.20 | We need your help ! | Kevin | Holvoet | CCB |
10.40 | MITRE ATT&CK for Incident Response Reporting | Björn | Vanneste | Checkpoint |
11.00 | Early Lessons from Cloud Incidents | Anna | Chung | Palo Alto |
11.20 | Practical investigations and Threat Hunting with Top ATT&CK | Marvin | Ngoma | Elastic |
11.40 | Mapping MITRE ATT&CK and D3FEND to the ECSF for cyber range scenario generation | Sebastien | Dupont | CETIC |
12.00 | Use-Case of Cybersecurity requirements, mapping Mitre ATT&CK for ICS on STRIDE for Transportation | Olivier | de Visscher | Expleo |
 | | Jean-Sebastien | Servaye | Alstom |
12.20 | Everything Everywhere All at Once: From Threat Scenarios to Detection - powered by ATT&CK | Hong-Gie | Ong | ING |
12.40 | Break for lunch | | | |
13.30 | State of ATT&CK | Adam | Pennington | MITRE |
 | | Charissa | Miller | MITRE |
14.00 | Roadmap for Advancing Threat-Informed Defense | Jon | Baker | ENGENUITY |
14.20 | Detection Engineering R&D at the Center for Threat-Informed Defense | Roman | Daszczyszak | ENGENUITY |
14.40 | ATT&CK Sync – Staying current with the ATT&CK releases | Roman | Daszczyszak | ENGENUITY |
15.00 | Analysing Sigma rule sets with MITRE ATT&CK | Thomas | Patzke | |
15.20 | >10,000 Sigma rules + ATT&CK x ChatGPT = Uncoder A.I. | Andrii | Bezverkhyi | Socprime |
15.40 | Break for coffee | | | |
16.00 | Integrating Sigma into Splunk Security Content | Patrick | Bareiss | SPLUNK |
16.20 | Using Open Standards to Represent, Detect and Respond to Adversary Behaviors | Charles | Frick | Johns Hopkins University |
16.40 | Pattern-of-life analysis of C2 hosts focusing on MITRE ATT&CK Pre-Compromise phase | Matt | Lembright | Censys |
17.00 | ATT&CK with Confidence | Eireann | Leverett | Tidal |
17.20 | Closing comments | Freddy | | |
About the EU ATT&CK Community
The EU ATT&CK Community is a diverse community of practitioners, including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations, whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven, vendor-neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.
Contact
If you want to get in touch with us or join the mailing list, you can reach us by email at info@attack-community.org.