21 October 2026, 15:30–17:30 CEST
Online
90 min · Track: Technical
Which common cyber threat model concepts, methodologies and frameworks exist, and what is their practical relevance today?
Learning Content
- 1) The Diamond Model of Intrusion Analysis
- 2) Intelligence Preparation of the Cyber Environment - Rob Dartnall
- 3) MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)
- 4) MITRE Common Attack Pattern Enumeration and Classification (CAPEC)
- 5) MITRE Common Vulnerabilities and Exposures (CVE)
- 6) MITRE Common Weakness Enumeration (CWE)
- 7) Detection Maturity Level (DML) Model
- 8) Semantic Cyber Threat Modeling
- 9) Structured Threat Information Expression (STIX)
- 10) CBEST (Bank of England UK)
- 11) TIBER-EU (European Central Bank)
  - 11.1) Targeted Threat Intelligence (TTI) Report
    - 11.1.1) Digital Footprint through open source intelligence research (passive collection) incl. social media and dark web analysis; collection on people, processes and systems (critical functions)
    - 11.1.2) Threat-centric landscape analysis incl. geopolitical and economic environment (PESTLE-M), threat-centric scenarios, actor profiles & categories (TTP analysis); assets and vulnerabilities, supply chain (operational environment and critical functions)
- 12) STRIDE
Target Audience
- Security Consultants
- Security Analysts
- Security Investigators
- Threat Hunters
- Incident Responders