Ninth EU MITRE ATT&CK® Community Workshop 2 June 2022

The ninth EU ATT&CK Community Workshop will take place on 2 June 2022 from 10am CET until 5pm. We will organize this event in hybrid format, with space for some 200 attendees in a conference room in Brussels and the other attendees joining virtually. Physical attendance registration is closed now.


Time CEST Ttile First name Last name Organisation
10.00 Opening and welcome (Freddy)      
10.15 Statistical mapping of malicious events seen by CERT-EU to ATT&CK George Koutepas CERT-EU
10.30 Improving MISP workflow with ATT&CK Alexandre Dulaunoy CIRCL
10:45 Using ATT&CK to prioritise defences Joris Pinoy EUROCLEAR
11.00 The use of ATT&CK to defend against destructive cyber attacks Andrii Bezverkhyi SOCPRIME
11.15 Defense and Detection in Depth using MITRE ATT&CK, MITRE D3FEND, and NIST SP 800-53 Kevin Gomez Buquerin AUDI
11.30 An adversarial viewpoint to identify High Value Targets to increase Cyber Resilience Francesco Chiarini STANDARD CHARTERED
    Calin Gheorghiu STANDARD CHARTERED
11.45 Leveraging MITRE mitigations for cyber posture analysis Craig Roberts NOETIC
12.00 Emulation of a Nation State Attacker Agostino Panico BSidesRoma
12.15 Auditd for the newly threatened Tim Brown CISCO
12.30 Break for lunch -      
13.30 State of ATT&CK Jamie Williams MITRE
    Casey Knerr MITRE
14:00 Top ATT&CK Techniques Ingrid Skoog ENGENUITY
14:15 CTID Attack Flow Steve Luke ENGENUITY
14.30 pySigma: Project Structure & Contribution Thomas Patzke  
14.45 ATT&CK enrichment in Sigma Splunk Backend Patrick Bareiss SPLUNK
15.00 Break for coffee -      
15.30 Detection mapping, how does your coverage compare to ATT&CK? Olaf Hartong FalconForce
15.45 Kickstarting your DFIR capability in AWS in 24h Teodor Cimpoesu EC DIGIT CSIRC
16.00 Kubernetes Untapped: monitor pod network traffic to detect security threats Vijit Nair CORELIGHT
    Stan Kiefer CORELIGHT
16.15 Managing Cloud Adoption with Security Stack Mappings Jose Barajas ATTACKIQ
16.30 Using Natural Language Processing to identify TTPs Sven Niedner SYNAMIC
16:45 Tidal Community Edition: Making Threat-Informed Defense Easier for All Rich Struse TIDAL

Participation to this event is at no cost, but registration is required on the following link (EU Commission registration system): Registration for the ninth EU ATT&CK workshop. The event will not be recorded.

The workshop is hosted by CERT-EU and supported by CIRCL and the MITRE Engenuity Center for Threat-Informed Defense. It is organized by practitioners and for practitioners with an interest in the use of the MITRE ATT&CK® Framework in Prevention, Detection/Hunting and Response.

About the EU ATT&CK Community

The EU ATT&CK Community is a diverse community of practitioners including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven vendor neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.


If you want to get in touch with us, you can reach us via email and . You can also join the mailing list by sending a request to .