Get in contact

presentations

November 18th 2021, SOCCRATES presented at FIRST TC Norway

Adversary Emulation Planner Based On MITRE ATT&CK | Siri Bromander, mnemonic

The MITRE Adversary Tactics, Techniques and Common Knowledge  (ATT&CK) knowledge base is a very useful resource for information  security professionals. ATT&CK has become the de facto industry  standard for tactical threat intelligence.

ATT&CK contains adversary tactics and techniques, as well as  relationships linking techniques to adversary groups and software.  However, ATT&CK does not describe any relationships or dependencies  between techniques. This makes generating adversary emulation  plans hard, since sequencing of techniques must be done manually, i.e.  assigning techniques to different stages of an intrusion.

Our first step towards automating the generation of adversary emulation  plans is semantic modelling of dependencies between ATT&CK  techniques and development of tool support to generate attack stages  based on techniques in ATT&CK.

This presentation covers how and why we selected our modelling approach,  the tools that we developed, and use cases with examples highlighting  how the tools are useful.

Siri Bromander leads  the Research and Development team at mnemonic.  She holds a PhD from the  University of Oslo and a MsC in telematics/information security from  NTNU. She has worked in mnemonic since 2008  and has more than 14 years of work experience in IT security and  information security research roles, including serving as Security  Manager at mnemonic for five years.

https://www.coldincidentresponse.no/schedule/first-tc-oslo-2021/

presentations

SOCCRATES at ONE conference 2021

Martin Eian (mnemonic) has given a presentation at the ONE conference 2021 on ‘SOCCRATES Project – Automating Threat Intelligence and Adversary Emulation’. A video of the presentation can be viewed here

presentations

SOCCRATES at Webinar SOC developments and pilots in CEF and H2020 projects, July 19th 2021

This Monday a webinar is organized by the EU about SOC developments and pilots in CEF and H2020 projects. The webinar aims at supporting knowledge exchange on recent and future SOC (SOC-relevant ICT solutions) developments between beneficiaries, European Commission, ENISA and HaDEA. It helps finding synergies and maximizing the impact of projects by bringing together policy and projects with a specific focus on developing and establishing European SOCs included as a priority in the EU’s Cybersecurity Strategy for the Digital Decade

Reinder Wolthuis (TNO) is invited to present SOCCRATES

presentations

SOCCRATES at 33rd Annual FIRST Conference

SOCCRATES provided two presentation at the (virtual) 33rd Annual FIRST Conference: “Crossing Uncertain Times,” on June 7-9, 2021.

* Martin Eian (mnemonic) provided a presentation on: ‘Adversary Emulation – Generating MITRE ATT&CK Technique Sequences’. The video is available on youtube.

* Erik Ringdahl (foreseeti) and Frank Fransen (TNO) provided a presentation on: ‘Attack Defense Graph Analysis for Supporting SOC and CSIRT Operations’. The video is available on youtube and slides are available below.

presentations

SOCCRATES general presentation

This general presentation on the SOCCRATES project provides a summary on the SOCCRATES project: its partners, goals, concepts and approach.

Copyright 2022 Soccrates
Developed by Convident