12th EU ATT&CK Community Workshop Hybrid Format
The 12th EU MITRE ATTACK® Community Workshop will take place on 17/05/24 from 9.30am until 5.30pm (CEST) and is hosted by the CCB.
Date and time
Location
SQUARE Brussels Meeting Centre
Mont des Arts 1000 Bruxelles BelgiumAgenda
9:30 AM - 9:30 AM
Opening and welcome
Miguel De Bruycker, CCB
9:30 AM - 9:45 AM
Enhancing Cybersecurity with MITRE ATT&CK and CyberFundamentals
Kevin Holvoet, CCB
9:45 AM - 10:00 AM
The Always-On Purple Team: An Automated CI/CD for Detection Engineering
Erik Van Buggenhout, NVISO
10:00 AM - 10:15 AM
Threat-Led Attack Emulation: Holistic & Efficient Adoption of Threat-Informed
Kennedy Torkura, Mitigant
10:15 AM - 10:30 AM
Purple Teaming Automation
Rajendra Mekhale, ItsMe
10:30 AM - 10:45 AM
TotalTest – An Integrated Approach to Conducting Attack Simulation
Nebu Varghese, FTI Consulting
10:45 AM - 11:00 AM
Threat-Informed Defense: Transforming Intelligence into Countermeasures
Wojciech Lesicki, Standard Chartered
Grzegorz Molski, Standard Chartered
11:00 AM - 11:30 AM
Coffee
11:30 AM - 11:45 AM
GenAI for Threat-Informed Defense - GenAI as Buddy for TID Research & Developm
Ryusuke Masuoka, Fujitsu
11:45 AM - 12:00 PM
Chat with your CTI
Dhia Mahjoub, independent researcher
12:00 PM - 12:15 PM
The rationale for Cyber Risk Quantification
Robert Kloots, Trust Matters
12:15 PM - 12:30 PM
Digital Maintenance for Rail: A MITRE ATT&CK Handbook for Today (and Tomorrow)
Emma Taylor, RazorSecure
12:30 PM - 1:30 PM
Lunch break
1:30 PM - 2:00 PM
Update from the ATT&CK team
Casey Knerr MITRE
2:00 PM - 2:15 PM
Center for Threat-Informed Defense R&D Update
Tiffany Bergeron, CTID
2:15 PM - 2:30 PM
Introduction of Sigma Correlations
Thomas Patzke, Evonik
2:30 PM - 2:45 PM
SigmAIQ: Bridging Advanced LLM Support with Sigma Rules for Next-Gen Cyber Def
Stephen Lincoln, AttackIQ
2:45 PM - 3:00 PM
TRAM LLM for ATT&CK
Andrii Bezverkhyi, SOC Prime
Alla Iurchenko, SOC Prime
3:00 PM - 3:30 PM
Coffee
3:30 PM - 3:45 PM
A Look Outside the Window(s): CTI Spotlight on Less-Prominent ATT&CK Technique
Scott Small, TIDAL
3:45 PM - 4:00 PM
Operationalizing Threat Intelligence to ATT&CK your Adversaries
Hanna Holych, SSSCIP
4:00 PM - 4:15 PM
A CISO story: educating students on MITRE ATT&CK in Ukraine, with CERT-UA
Volodymyr Garashchenko, SOC Prime
Denys Yashchuk, CERT UA
4:15 PM - 4:30 PM
Matching the Attack - Growth in use of QR Codes
Dave Ross, Intel471
4:30 PM - 4:45 PM
Cost effective requirements allocation with MITRE ATT&CK
Olivier de Visscher, Expleo
Thomas Jahan, Expleo
4:45 PM - 5:00 PM
Standardising Threat Matrices: the good, the bad, the ...
Christophe Vandeplas, nexturia / MISP Project
5:00 PM - 5:15 PM
Leveraging MITRE ATT&CK to Develop the MISP Galaxy Standard: Building a Robust
Alexandre Dulaunoy, CIRCL
5:15 PM - 5:30 PM
Honeypots and how to use them with ATT&CK
Victor Curalea, European Commission
5:30 PM - 5:30 PM
Closing
Freddy
About this event
- 8 hours
The 12th EU MITRE ATT&CK® Community Workshop will take place on the 17th of May 2024 from 9:30am until 5.30pm (CEST) and will be hosted by the Centre for Cybersecurity Belgium (CCB). The event is hybrid: you can choose to attend online via videoconference or attend in-person at The Square, Mont des Arts, 1000 Brussels.
Content of the Community Workshop
The workshop is organized by practitioners and for practitioners with an interest in the use of the ATT&CK® Framework in Prevention, Detection/Hunting and Response. You will hear updates from the Center For Threat-Informed Defense and from the developers of systems and tools supporting the ATT&CK® Framework. But even more importantly, you will learn best practices from your peers in the user community.
The highly-effective format of short (15’) lightning talks will focus on the following themes:
1. Tools and methods for sharing
2. Rules, playbooks and processes
3. ATT&CK® flavours (cloud, telecom, ICS, Active Defence…)
Registration is mandatory
Participation to the event is at no cost for the participants, but registration is required. Please bear in mind that the number of available seats for both in-person and online participation are limited so the organizers reserve the right to select participants if necessary.
• We insist that you provide your real name, affiliation and a corporate email address in your registration.
• If you would like to participate in-person please select "Entry ticket for on-site participation"
• Tickets are distributed on a "first come, first serve basis"