EU MITRE ATT&CK® Community Workshop 7 October 2022

The tenth EU MITRE ATT&CK® Community Workshop will be organised in Brussels on 7 October 2022. It will be hosted by the Centre for Cybersecurity Belgium.

The workshop will be organised as a hybrid event. You will learn best practices from your peers and from the MITRE ATT&CK and ENGENUITY team. We will continue the highly-effective format of short (15’) lightning talks. We don’t record the presentations, but the slides of the presentations will be made available after the workshop.

Registration (in person or virtual) is possible at no cost via this link: Registration for the tenth EU MITRE ATT&CK Community Workshop.

During registration for the in-person event you will be invited to express interest in sharing you experiences in a talk. The number of seats in the in-person event is limited and the remaining seats will be reserved for speakers. We require all attendees to register using their real name and their corporate email address. If this information is not provided, the registration may be refused.

Draft programme:


Time CEST Ttile First name Last name Organisation
10.00 Opening and welcome Freddy    
10.10 Welcome from CCB Miguel De Bruycker CCB
10.20 How the CCB communicates TTPs to its constituents using the MITRE ATT&CK framework Kevin Holvoet CCB
10:40 Use of Mitre Attack in Industrial CyberSOC: References and return of experience Olivier De Visscher EUROPEAN RAILWAY ISAC
11.00 Security Operations usage of MITRE ATT&CK Jack Gorman BT
11.20 The purple power of automation Jeroen Vandeleur NVISO
11.40 Leveraging ATT&CK in purple teaming and adversary emulation Bono Vanderpoorten SOPRA STERIA
12.00 In Curation We Trust: Generating Contextual & Actionable Threat Intelligence Michel Coene NVISO
12.20 Break for lunch -      
13.30 State of ATT&CK Adam Pennington MITRE
14.00 Look Back, Act Forward Ingrid Skoog ENGENUITY
14.20 Attack Flow Ross Weisman ENGENUITY
14.40 Optimising the Financial Costs of Cybersecurity Analytics Monzy Merza HSBC
15.00 Sigma Rules and MITRE ATT&CK as foundation of Collective Cyber Defence Ruslan Mikhalov SOCPRIME
15.20 Break for coffee      
15.40 Mapping the Adversary for Defensive Profiling Andrew Costis ATTACKIQ
16.00 Detection As Code Principles Patrick Bareiss SPLUNK
16.20 Making Threat-Informed Decisions with Community Driven Resources Rich Struse TIDAL
16.40 TBD      
17.00 Closing comments Freddy    

About the EU ATT&CK Community

The EU ATT&CK Community is a diverse community of practitioners including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven vendor neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.


If you want to get in touch with us or if you want to join the mailing list, you can reach us via email