When Knowledge Graph Meets TTPs - Automated and Adaptive Executable TTP Intelligence for Security

Overview

Explore automated TTP intelligence for security assessments using knowledge graphs, enhancing breach simulation with adaptive attack chains to evaluate defense capabilities effectively.

Syllabus

• Introduction to Tactics, Techniques, and Procedures (TTPs)
Definition and significance in cybersecurity
Overview of TTP lifecycle
• Fundamentals of Knowledge Graphs
Definition and components
Examples of knowledge graphs in cybersecurity
• Integrating Knowledge Graphs with TTPs
Mapping TTPs into knowledge graphs
Benefits of using knowledge graphs for TTP analysis
• Automated Intelligence in Security Assessments
Automation in threat intelligence
Role of AI and machine learning in automating TTP detection
• Designing Adaptive Attack Chains
Understanding attack chains
Techniques for creating adaptive attack scenarios
• Simulating Breaches with Knowledge-Enhanced Attack Chains
Building realistic breach simulations
Knowledge graph-driven adaptation in attack simulations
• Assessing Defense Capabilities
Metrics for evaluating security defenses
Methods for using TTP simulations to test defenses
• Case Studies and Practical Applications
Real-world examples of knowledge graph and TTP integration
Hands-on exercises in developing adaptive attack simulations
• Tools and Technologies
Overview of software and platforms for knowledge graphs and TTPs
Practical guide to selecting and implementing tools
• Challenges and Future Directions
Limitations in current TTP intelligence approaches
Emerging trends in AI-driven threat intelligence
• Conclusion
Summary of key concepts
Future learning paths and resources for continued study

Subjects

Conference Talks