Attackers continue to evolve their tradecraft to successfully evade EDR preventions and SIEM detections. Defenders are continually trying to build high quality detections and prevention rules, but often times lack the ability to validate that the detections and prevention rules are working. The Adaptive Threat Simulation and Detection Engineering workshop will walk students through the process of creating attack playbooks and campaigns, how to build high quality detections, and how to validate the detections will detect the attacks. Students will have the opportunity to interact with a live lab environment for attack simulation and detection engineering.

Learning Objectives:

• Learn how attackers create their attacks and how to simulate this in a lab environment.
• Learn how to build an attack playbook and campaign to simulate attacker behavior.
• Learn how to build a high quality detection and validate the detection against the playbooks and campaigns.

* Please note: This is not included in the Main Conference registration and requires a separate registration.