Twelfth EU MITRE ATT&CK® Community Workshop 17 May 2024
The twelfth EU ATT&CK Community Workshop took place on 17 May 2024. The workshop was hosted by the Centre for Cybersecurity Belgium and supported by the MITRE Engenuity Center for Threat-Informed Defense. The presentations are available here: Slide decks from the presentations at the twelfth EU ATT&CK Workshop
Agenda
Time CEST | Title | First name | Last name | Organisation |
9.30 | Opening and welcome | Miguel | De Bruycker | CCB |
9.30 | Enhancing Cybersecurity with MITRE ATT&CK and CyberFundamentals | Kevin | Holvoet | CCB |
9.45 | The Always-On Purple Team: An Automated CI/CD for Detection Engineering | Erik | Van Buggenhout | NVISO |
10.00 | Threat-Led Attack Emulation: Holistic & Efficient Adoption of Threat-Informed Defense | Kennedy | Torkura | Mitigant |
10.15 | Purple Teaming Automation | Rajendra | Mekhale | ItsMe |
10.30 | TotalTest – An Integrated Approach to Conducting Attack Simulation | Nebu | Varghese | FTI Consulting |
10.45 | Threat-Informed Defense: Transforming Intelligence into Countermeasures | Grzegorz | Molski | Standard Chartered |
| | | Wojciech | Lesicki | Standard Chartered |
11.00 | Coffee | | | |
11.30 | GenAI for Threat-Informed Defense - GenAI as Buddy for TID Research & Development | Ryusuke | Masuoka | Fujitsu |
11.45 | Chat with your CTI | Dhia | Mahjoub | Independent researcher |
12.00 | The rationale for Cyber Risk Quantification | Robert | Kloots | Trust Matters |
12.15 | Digital Maintenance for Rail: A MITRE ATT&CK Handbook for Today (and Tomorrow) | Emma | Taylor | RazorSecure |
12.30 | Break for lunch | | | |
13.30 | State of ATT&CK | Casey | Knerr | MITRE |
14.00 | Center for Threat-Informed Defense R&D Update | Tiffany | Bergeron | ENGENUITY |
14.15 | Introduction of Sigma Correlations | Thomas | Patzke | Evonik |
14.30 | SigmAIQ: Bridging Advanced LLM Support with Sigma Rules for Next-Gen Cyber Defense | Stephen | Lincoln | AttackIQ |
14.45 | TRAM LLM for ATT&CK | Andrii | Bezverkhyi | SOC Prime |
| | | Alla | Iurchenko | SOC Prime |
15.00 | Break for coffee | | | |
15.30 | A Look Outside the Window(s): CTI Spotlight on Less-Prominent ATT&CK Techniques | Scott | Small | TIDAL |
15.45 | Operationalizing Threat Intelligence to ATT&CK your Adversaries | Hanna | Holych | SSSCIP |
16.00 | Unlocking the potential of MITRE ATT&CK | Denys | Yashchuk | CERT-UA |
16.15 | Matching the Attack - Growth in use of QR Codes | Dave | Ross | Intel471 |
16.30 | Cost effective requirements allocation with MITRE ATT&CK | Olivier | de Visscher | Expleo |
| | | Thomas | Jahan | Expleo |
16.45 | Standardising Threat Matrices: the good, the bad, the … | Christophe | Vandeplas | nexturia / MISP Project |
17.00 | Leveraging MITRE ATT&CK to Develop the MISP Galaxy Standard: Building a Robust Interconnected Knowledge Base | Alexandre | Dulaunoy | CIRCL |
17.15 | Honeypots and how to use them with ATT&CK | Victor | Curalea | European Commission |
17.30 | Closing comments | Freddy |
About the EU ATT&CK Community
The EU ATT&CK Community is a diverse community of practitioners, including security professionals, cybersecurity vendors, CSIRTs/CERTs and user organisations, whose aim is to actively use MITRE ATT&CK® while contributing back to improve cyber defense. The EU MITRE ATT&CK® Community is a volunteer-driven, vendor-neutral platform where all users can discuss, exchange and improve their use of adversary tactics and techniques together in practical use cases like attribution, prevention, detection, hunting and response.
Contact
If you want to get in touch with us or join the mailing list, you can reach us by email at info@attack-community.org.