MITRE ATT&CK Driven Threat Hunting Automated by Local LLM

Автор: MITRE Center for Threat-Informed Defense

Загружено: 2025-04-01

Просмотров: 775

Описание: Speakers:
Jun Miura, Researcher, Fujitsu Defense & National Security Limited
Toshitaka Satomi, Researcher, Fujitsu Defense & National Security Limited
Eri Miura, Fujitsu Defense & National Security Limited

Threat hunting is a proactive approach for identifying undetected threats within an organization’s environment, and there are various proposed ways to perform. In this presentation, based on the concept of Summiting the Pyramid, MITRE ATT&CK driven threat hunting is proposed. One of the goals of the threat hunting is to automatically generate Sigma rules for hunting particular TTPs in MITRE ATT&CK, which is achieved by Large Language Model (LLM) and Retrieval-Augmented Generation (RAG). The speaker provides the results, know-how and tips obtained by developing the application in the presentation.

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

MITRE ATT&CK Driven Threat Hunting Automated by Local LLM

Доступные форматы для скачивания:

Скачать видео

Информация по загрузке:

Скачать аудио

Похожие видео

Accelerating Identification of ATT&CK Techniques in Threat Intelligence Reports

Accelerating Identification of ATT&CK Techniques in Threat Intelligence Reports

Real Threat Hunting with AI and ML

Real Threat Hunting with AI and ML

Attack Flow Training: 1 – Introduction to Attack Flow

Attack Flow Training: 1 – Introduction to Attack Flow

The Zombie App-ocalypse: Game Theory for Disrupting Dormant and Orphaned Cloud Identities

The Zombie App-ocalypse: Game Theory for Disrupting Dormant and Orphaned Cloud Identities

Анализ конкурентов и целевой аудитории при помощи Нейросетей

Анализ конкурентов и целевой аудитории при помощи Нейросетей

Updates from the Center for Threat-Informed Defense

Updates from the Center for Threat-Informed Defense

Keynote Panel - Threat-Inform Your Organization

Keynote Panel - Threat-Inform Your Organization

How AI Can Accelerate Cybersecurity

How AI Can Accelerate Cybersecurity

1: Overview of Microsoft Defender Threat Intelligence with demo

1: Overview of Microsoft Defender Threat Intelligence with demo

Improving Cyber Defense Using the MITRE ATT&CK Framework - Darren Cathey, LogRhythm

Improving Cyber Defense Using the MITRE ATT&CK Framework - Darren Cathey, LogRhythm

9 AI-навыков, которые должен освоить каждый в 2026 году

9 AI-навыков, которые должен освоить каждый в 2026 году

MITRE ATLAS Explained: AI Security Threats + OpenAI vs. DeepSeek Case Study

MITRE ATLAS Explained: AI Security Threats + OpenAI vs. DeepSeek Case Study

The Anatomy of an Att&ck

The Anatomy of an Att&ck

Transforming Threat Hunting with Generative AI

Transforming Threat Hunting with Generative AI

Threat Hunting with LLM: From Discovering APT SAAIWC to Tracking APTs with AI

Threat Hunting with LLM: From Discovering APT SAAIWC to Tracking APTs with AI

БЕЛЫЕ СПИСКИ: какой VPN-протокол справится? Сравниваю все

БЕЛЫЕ СПИСКИ: какой VPN-протокол справится? Сравниваю все

Introduction To The MITRE ATT&CK Framework

Introduction To The MITRE ATT&CK Framework

Корсика: рай, в котором никто не живёт

Корсика: рай, в котором никто не живёт

Сисадмины больше не нужны? Gemini настраивает Linux сервер и устанавливает cтек N8N. ЭТО ЗАКОННО?

Сисадмины больше не нужны? Gemini настраивает Linux сервер и устанавливает cтек N8N. ЭТО ЗАКОННО?

Enterprise Threat Hunting Using Jupyter Notebooks- Ross Burke - Hou.Sec.Con 2022

Enterprise Threat Hunting Using Jupyter Notebooks- Ross Burke - Hou.Sec.Con 2022