SOC Prime Attends Seventh EU MITRE ATT&CK® Community Workshop

SOC Prime is excited to announce our participation in the Seventh EU MITRE ATT&CK® Community Workshop taking place online on June 1-2, 2021. This workshop is supported by CERT-EU, CIRCL, and the MITRE Engenuity Center for Threat-Informed Defense to boost the experience exchange among security professionals interested in the use of the MITRE ATT&CK Framework in Prevention, Detection/Hunting, and Response.

In this event, security enthusiasts will be able to learn about the latest updates from MITRE and from the developers of cybersecurity tools supporting the ATT&CK Framework. The program includes lots of practical training, peer sessions, and insightful presentations from the leading community experts. You can check the detailed agenda draft here.

Andrii Bezverkhyi, founder, CEO, and chairman at SOC Prime is going to hold a separate session on June 2, 4:30 PM (CET). During his presentation, Andrii will tell security enthusiasts about SOC Prime’s best practices in Sigma customization and introduce the latest updates about our Threat Bounty Program

It is the third time SOC Prime is a speaker at the EU MITRE ATT&CK® Community Workshop. In May 2019, we had the honor to join the advanced ideas and share our practical experience of using the ATT&CK Framework, Sigma, and ELK for threat hunting and actor attribution. Also, in May 2020, SOC Prime made two separate sessions to focus on the practical insights that the cybersecurity community can put into action. This first presentation was held by Andrii Bezverkhyi speaking about open source and mobile-friendly projects powered by MITRE ATT&CK. The second session by Nate Guagenti, our Solution Architect, was devoted to supercharging network security with Sigma language.

The ATT&CK project provides security performers with a broad knowledge base and resources that can be used as tools to understand attacks and therefore the rules and threat hunting methods. Here, at SOC Prime, we constantly expand the Threat Detection Marketplace integration with the MITRE ATT&CK Framework to advance the threat coverage and enrich the rules with additional threat context by mapping them to ATT&CK tactics and techniques. Also, SOC Prime has developed, a free tool linked to Sigma rules with translations, YARA, and Atomic Red Team repositories, which allows cyber defenders to streamline the SOC content search. This tool is fast and accessible from any mobile device to boost security operations and help security professionals stay updated with relevant detections.

Get a free subscription to Threat Detection Marketplace and explore our cutting-edge Detection as Code platform that powers complete CI/CD workflow for threat detection. Our SOC content library aggregates 100K+ detection algorithms and threat hunting queries tailored to 23 SIEM, EDR, and NTDR technologies and mapped to CVE and MITRE ATT&CK® frameworks. Want to participate in our threat hunting initiatives and become a part of a talented developers community? Join our Threat Bounty Program and get rewarded for your input!