chg: [attack] updated slides

pull/25/head
Christophe Vandeplas 2024-05-16 20:56:48 +02:00
parent 0561d35248
commit 2383d86b84
No known key found for this signature in database
GPG Key ID: BDC48619FFDC5A5B
3 changed files with 19 additions and 11 deletions

View File

@ -31,7 +31,8 @@
\begin{itemize} \begin{itemize}
\item Seeing the success of the ATT\&CK framework in MISP gave rise to a host of matrix-based models: \item Seeing the success of the ATT\&CK framework in MISP gave rise to a host of matrix-based models:
\begin{itemize} \begin{itemize}
\item Inflation? We dont think so. There are {\bf different models} because there are many {\bf different use cases to be represented}. \item Inflation? We dont think so.
\item There are {\bf different models} because there are many {\bf different use cases to be represented}.
\item We found this to be good as long as those models are maintained. \item We found this to be good as long as those models are maintained.
\end{itemize} \end{itemize}
\end{itemize} \end{itemize}
@ -40,7 +41,7 @@
\begin{frame} \begin{frame}
\frametitle{MISP galaxies over time} \frametitle{MISP galaxies over time}
\begin{center} \begin{center}
\includegraphics[scale=0.13]{./screenshots/timeline.png} \includegraphics[scale=0.16]{./screenshots/timeline.png}
\end{center} \end{center}
\end{frame} \end{frame}
@ -77,8 +78,12 @@
\begin{itemize} \begin{itemize}
\item Interaction with the framework owner. \item Interaction with the framework owner.
\end{itemize} \end{itemize}
\item Create the conversion script. \item Create the conversion script, or do by hand.
\end{itemize} \end{itemize}
\begin{center}
\includegraphics[scale=0.3]{./screenshots/uuid-extraction.png}
\includegraphics[scale=0.3]{./screenshots/uuid-generation.png}
\end{center}
\end{frame} \end{frame}
\begin{frame} \begin{frame}
@ -94,8 +99,8 @@
\item Create specific tooling to help or partially automate the creation of relations. \item Create specific tooling to help or partially automate the creation of relations.
\end{itemize} \end{itemize}
\begin{center} \begin{center}
\includegraphics[scale=0.2]{./screenshots/rel-gen-example.png} \includegraphics[scale=0.35]{./screenshots/rel-gen-example.png}
\includegraphics[scale=0.2]{./screenshots/rel-gen-help.png} % \includegraphics[scale=0.3]{./screenshots/rel-technique-re-search.png}
\end{center} \end{center}
\end{frame} \end{frame}
@ -112,6 +117,9 @@
\item Conversion script breaks. \item Conversion script breaks.
\item Keeping contributed relationships. \item Keeping contributed relationships.
\end{itemize} \end{itemize}
\begin{center}
\includegraphics[scale=0.3]{./screenshots/new-uuids-everywhere.png}
\end{center}
\end{frame} \end{frame}
\begin{frame} \begin{frame}
@ -152,11 +160,11 @@
\begin{frame} \begin{frame}
\frametitle{10 Golden Rules for Framework Creators (Community)} \frametitle{10 Golden Rules for Framework Creators (Community)}
\begin{itemize} \begin{itemize}
\item 1. Publish and communicate. \item 6. Publish and communicate.
\item 2. Update regularly. \item 7. Update regularly.
\item 3. Encourage third-party contributions. \item 8. Encourage third-party contributions.
\item 4. Expand existing frameworks. \item 9. Expand existing frameworks.
\item 5. Collaborate with other framework creators. \item 10. Collaborate with other framework creators.
\end{itemize} \end{itemize}
\end{frame} \end{frame}

Binary file not shown.

Before

Width:  |  Height:  |  Size: 178 KiB

After

Width:  |  Height:  |  Size: 54 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 388 KiB

After

Width:  |  Height:  |  Size: 313 KiB