Skip to content

Commit

Permalink
Add Lightning Talk YouTube links
Browse files Browse the repository at this point in the history
  • Loading branch information
@jondricek
jondricek authored Feb 2, 2024
1 parent 646e24d commit 90a0ea5
Showing 1 changed file with 34 additions and 34 deletions.
68 changes: 34 additions & 34 deletions data/attackcon.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -334,28 +334,27 @@
"slides": "https://www.slideshare.net/MITREATTACK/updates-from-the-center-for-threatinformed-defense"
},
{
"title": "Lightning Talk: Automating testing by implementing ATT&CK using the Blackboard Architecture",
"title": "Lightning Talk: The case for quishing",
"presenters": [
{
"names": ["Jeremy Straub"],
"organization": "NDSU Cybersecurity Institute"
"names": ["Brian Donohue"],
"organization": "Red Canary"
}
],
"description": "This presentation will briefly summarize work that we've done regarding implementing the ATT&CK framework as a rule-fact-action network within a Blackboard Architecture, allowing the ATT&CK framework to enable security testing automation. The presentation will start with a quick summary of the concept behind this and then present a few implementation examples.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6",
"slides": "https://www.slideshare.net/MITREATTACK/automating-testing-by-implementing-attck-using-the-blackboard-architecture"
"description": "Despite an absurd (or maybe disgusting) name, quishing is emerging as an undeniable risk to organizations. Sure, it's offered adversaries an avenue for initial access for many years, and, yes, public reporting on such incidents has been somewhat underwhelming. However, QR codes are officially ubiquitous, people are extremely comfortable with them, and, in the coming years, quishing is bound to become a powerful and reliable weapon in the arsenal of sophisticated adversaries. In 5 minutes of compelling and persuasive speech, I'll make the case for why Quishing deserves to be a standalone sub-technique of phishing in the enterprise ATT&CK® matrix.",
"video": "https://youtu.be/TsrOYObSMO4?si=oKhghRS2bs91b7-B&t=58",
"slides": "https://www.slideshare.net/MITREATTACK/the-case-for-quishing"
},
{
"title": "Lightning Talk: The case for quishing",
"title": "Lightning Talk: Enhancing Breach and Attack Simulation (BAS) Impact with MITRE ATT&CK and LLMs",
"presenters": [
{
"names": ["Brian Donohue"],
"organization": "Red Canary"
"names": ["Jose Barajas"],
"organization": "AttackIQ"
}
],
"description": "Despite an absurd (or maybe disgusting) name, quishing is emerging as an undeniable risk to organizations. Sure, it's offered adversaries an avenue for initial access for many years, and, yes, public reporting on such incidents has been somewhat underwhelming. However, QR codes are officially ubiquitous, people are extremely comfortable with them, and, in the coming years, quishing is bound to become a powerful and reliable weapon in the arsenal of sophisticated adversaries. In 5 minutes of compelling and persuasive speech, I'll make the case for why Quishing deserves to be a standalone sub-technique of phishing in the enterprise ATT&CK® matrix.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6",
"slides": "https://www.slideshare.net/MITREATTACK/the-case-for-quishing"
"description": "The evolving complexity and sophistication of cyber threats necessitate a robust and automated approach to threat report analysis and mapping. Leveraging the power of large language models (LLMs) in conjunction with the MITRE ATT&CK framework can dramatically streamline this process. We, at AttackIQ, are developing a process leveraging LLMs to not only extract the ATT&CK tactics and techniques from cyber threat reports, but also parsing the equally crucial information such as the command line snippets, implementation methodology, image-to-text conversions, etc. in order to significantly reduce the amount of time and manpower spent in threat report mapping while enabling the teams to focus on more critical aspects of BAS scenario development.",
"video": "https://youtu.be/TsrOYObSMO4?si=P4swHrpJtfdIEiaL&t=338"
},
{
"title": "Lightning Talk: Discussion on Finding Relationships in Cyber Data",
Expand All @@ -366,19 +365,19 @@
}
],
"description": "Capital One is currently building a Security Graph to tie together various Cyber Teams and their data -- Controls, Objectives, Tools, and Countermeasures, Threats. It is an ambitious project that will help us identify gaps and focus our controls on the most likely and persistent threats. It is a work in progress that is using MITRE ATT&CK and D3FEND as a \"lingua franca\" to tie together the elements of the graph, so we have a common understanding across the enterprise.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6",
"video": "https://youtu.be/TsrOYObSMO4?si=Z-Nn_qQMCaOsuk7m&t=621",
"slides": "https://www.slideshare.net/MITREATTACK/discussion-on-finding-relationships-in-cyber-data"
},
{
"title": "Lightning Talk: ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)",
"title": "Lightning Talk: ATT&CK STIX mapping challenges",
"presenters": [
{
"names": ["Scott Small"],
"organization": "Tidal Cyber"
"names": ["Jason Keirstead"],
"organization": "Cyware"
}
],
"description": "This metrics- and meme-based lightning session spotlights the success story that is the CTI industry’s impressive (and expanding) adoption of ATT&CK in their products. Using nearly 6 years’ worth of ATT&CK-mapped, public threat reports collected from government, vendor, & independent sources, we’ll show how the rate (and detail) of mapping has increased considerably, while showcasing (anonymized) examples of high-quality end-products, with the aim of inspiring further ATT&CK adoption in this important corner of the field.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6"
"description": "MITRE provides a set of robust STIX objects that implement the entire ATT&CK matrix (it is actually the reference data). However, there is a challenge as there is no official recommended way from MITRE on how someone should REFERENCE these objects inside their own STIX data. As a result, vendors amd threat providers have created many incompatible ways to reference ATT&CK techniques. We will show a few examples of this, talk about how it creates challenges, and suggest a path forward for the community.",
"video": "https://youtu.be/TsrOYObSMO4?si=eXkXK0IsgJw6LSJJ&t=937"
},
{
"title": "Lightning Talk: Adjectives for ATT&CK",
Expand All @@ -389,41 +388,42 @@
}
],
"description": "If you tell me an attacker performed OS Credential Dumping, did they dump credentials with meterpreter, recompile mimikatz, or use a custom tool? The technique reference lacks a way to categorize how they performed the action and each type requires its own mitigation. In this talk, Ben Langirll will propose formal adjectives for ATT&CK techniques that map to adversary capabilities and how we can use them to optimize defensive choices.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6",
"video": "https://youtu.be/TsrOYObSMO4?si=pKsLpSbE4_5WdScA&t=1221",
"slides": "https://www.slideshare.net/MITREATTACK/adjectives-for-attck"
},
{
"title": "Lightning Talk: ATT&CK STIX mapping challenges",
"title": "Lightning Talk: Of Lenses and Layers",
"presenters": [
{
"names": ["Jason Keirstead"],
"organization": "Cyware"
"names": ["Andrew Malone"],
"organization": "JetBlue"
}
],
"description": "MITRE provides a set of robust STIX objects that implement the entire ATT&CK matrix (it is actually the reference data). However, there is a challenge as there is no official recommended way from MITRE on how someone should REFERENCE these objects inside their own STIX data. As a result, vendors amd threat providers have created many incompatible ways to reference ATT&CK techniques. We will show a few examples of this, talk about how it creates challenges, and suggest a path forward for the community.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6"
"description": "Many use the ATT&CK matrix to map tool coverage across the environment. This blanket coverage is a good baseline but it can miss certain aspects of the enterprise's context like risk levels, organisational priorities, and industry specific threat intelligence. I want to discuss ways to layer these lenses on top of an enterprise mapping to make ATT&CK more relevant to the specific enterprise. If done right this can lead to more actionable metrics and reporting on improvements.",
"video": "https://youtu.be/TsrOYObSMO4?si=pkg565FUFuOh_f7X&t=1507"
},
{
"title": "Lightning Talk: Of Lenses and Layers",
"title": "Lightning Talk: ATT&CK’s Adoption in CTI: A Great Success (with Room to Grow!)",
"presenters": [
{
"names": ["Andrew Malone"],
"organization": "JetBlue"
"names": ["Scott Small"],
"organization": "Tidal Cyber"
}
],
"description": "Many use the ATT&CK matrix to map tool coverage across the environment. This blanket coverage is a good baseline but it can miss certain aspects of the enterprise's context like risk levels, organisational priorities, and industry specific threat intelligence. I want to discuss ways to layer these lenses on top of an enterprise mapping to make ATT&CK more relevant to the specific enterprise. If done right this can lead to more actionable metrics and reporting on improvements.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6"
"description": "This metrics- and meme-based lightning session spotlights the success story that is the CTI industry’s impressive (and expanding) adoption of ATT&CK in their products. Using nearly 6 years’ worth of ATT&CK-mapped, public threat reports collected from government, vendor, & independent sources, we’ll show how the rate (and detail) of mapping has increased considerably, while showcasing (anonymized) examples of high-quality end-products, with the aim of inspiring further ATT&CK adoption in this important corner of the field.",
"video": "https://youtu.be/TsrOYObSMO4?si=iqw3wjOGyPIMtApY&t=1794"
},
{
"title": "Lightning Talk: Enhancing Breach and Attack Simulation (BAS) Impact with MITRE ATT&CK and LLMs",
"title": "Lightning Talk: Automating testing by implementing ATT&CK using the Blackboard Architecture",
"presenters": [
{
"names": ["Jose Barajas"],
"organization": "AttackIQ"
"names": ["Jeremy Straub"],
"organization": "NDSU Cybersecurity Institute"
}
],
"description": "The evolving complexity and sophistication of cyber threats necessitate a robust and automated approach to threat report analysis and mapping. Leveraging the power of large language models (LLMs) in conjunction with the MITRE ATT&CK framework can dramatically streamline this process. We, at AttackIQ, are developing a process leveraging LLMs to not only extract the ATT&CK tactics and techniques from cyber threat reports, but also parsing the equally crucial information such as the command line snippets, implementation methodology, image-to-text conversions, etc. in order to significantly reduce the amount of time and manpower spent in threat report mapping while enabling the teams to focus on more critical aspects of BAS scenario development.",
"video": "https://mitre.brandlive.com/ATTACKCon-4-0/en/session/37f1382e-9473-11ee-92f3-b34fc23cb3e6"
"description": "This presentation will briefly summarize work that we've done regarding implementing the ATT&CK framework as a rule-fact-action network within a Blackboard Architecture, allowing the ATT&CK framework to enable security testing automation. The presentation will start with a quick summary of the concept behind this and then present a few implementation examples.",
"video": "https://youtu.be/TsrOYObSMO4?si=bEJ6ZvUJQU3J3nwe&t=2114",
"slides": "https://www.slideshare.net/MITREATTACK/automating-testing-by-implementing-attck-using-the-blackboard-architecture"
}
]
},
Expand Down

0 comments on commit 90a0ea5

Please sign in to comment.