Amine Besson
I am a contractor dedicated to developing advanced Detection and Response Systems, Detection Engineering, Threat Intelligence and Hunting, SIEM/SOAR/EDR/CDR/XDR Systems Engineering and generally everything SOC Automation related. Currently maintaining the OpenTIDE project, which condenses years of lessons learned on the floor of SOCs (internal and managed) into a streamlined Detection Engineering ecosystem for technical teams. My latest interests lie in the junction between Detection and Response Engineering, especially developing large-scale signal and entity aggregation systems.
Session
With OpenTIDE, the Threat-Informed Detection Engineering framework, Cyber Threat Intelligence and Detection Engineering teams can work together to model threat vectors (attack scenarios) as structured, actionable and automation-ready objects that sit at the centre of a knowledge graph. With that framework, Cyber Threat Intelligence teams can prioritise where to expand threat detection coverage, while Detection Engineering teams can measure and report on the current threat coverage.
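To make the coverage idea concrete, here is a small added illustration (not OpenTIDE's own schema or code, which is not shown on this page) of what "threat vectors at the centre of a knowledge graph" buys a team: threat vector objects and detection objects are modelled as nodes, the "covers" references between them are the edges, and from that graph one can compute which vectors and ATT&CK techniques are covered by deployed detections and rank the uncovered vectors for the CTI team. The object fields, status values and the sample vectors and detections are all constructed assumptions for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


# Hypothetical object shapes; OpenTIDE's real schemas are richer and not reproduced here.
@dataclass(frozen=True)
class ThreatVector:
    id: str
    name: str
    criticality: int          # assumed 1 (low) to 5 (critical), assigned by CTI
    techniques: Tuple[str, ...]  # ATT&CK technique IDs the scenario maps to


@dataclass(frozen=True)
class Detection:
    id: str
    name: str
    covers: Tuple[str, ...]   # threat vector IDs this detection is designed to catch
    status: str               # assumed lifecycle values: "deployed" or "draft"


# Constructed sample data for the example.
THREAT_VECTORS: List[ThreatVector] = [
    ThreatVector("TV-0001", "Credential dumping via LSASS memory access", 5, ("T1003.001",)),
    ThreatVector("TV-0002", "Kerberoasting of service accounts", 4, ("T1558.003",)),
    ThreatVector("TV-0003", "Phishing with macro-enabled attachment", 3, ("T1566.001",)),
    ThreatVector("TV-0004", "Persistence via scheduled task", 2, ("T1053.005",)),
]

DETECTIONS: List[Detection] = [
    Detection("DET-0001", "LSASS handle opened by non-system process", ("TV-0001",), "deployed"),
    Detection("DET-0002", "Burst of RC4 TGS requests from one host", ("TV-0002",), "draft"),
    Detection("DET-0003", "Scheduled task created by Office process", ("TV-0003", "TV-0004"), "deployed"),
]


def build_graph(vectors: List[ThreatVector], detections: List[Detection]) -> Dict[str, List[str]]:
    """Adjacency list: threat vector id -> detection ids pointing at it.

    A detection referencing an unknown vector is a data-quality error, not
    silently ignored, because dangling edges would inflate coverage figures.
    """
    graph: Dict[str, List[str]] = {v.id: [] for v in vectors}
    for det in detections:
        for vid in det.covers:
            if vid not in graph:
                raise ValueError(f"{det.id} references unknown threat vector {vid}")
            graph[vid].append(det.id)
    return graph


def coverage_report(vectors: List[ThreatVector], detections: List[Detection]) -> dict:
    """Per-vector and per-technique coverage, counting only deployed detections."""
    deployed = {d.id for d in detections if d.status == "deployed"}
    graph = build_graph(vectors, detections)
    covered = {vid for vid, dets in graph.items() if any(d in deployed for d in dets)}

    by_vector = {v.id: v.id in covered for v in vectors}
    # A technique counts as covered once any vector mapped to it is covered.
    by_technique: Dict[str, bool] = {}
    for v in vectors:
        for tech in v.techniques:
            by_technique[tech] = by_technique.get(tech, False) or (v.id in covered)

    ratio = len(covered) / len(vectors) if vectors else 0.0
    return {"vectors": by_vector, "techniques": by_technique, "ratio": ratio}


def prioritise_gaps(vectors: List[ThreatVector], detections: List[Detection]) -> List[str]:
    """Uncovered vector ids, most critical first, for the CTI team to work through."""
    report = coverage_report(vectors, detections)
    gaps = [v for v in vectors if not report["vectors"][v.id]]
    return [v.id for v in sorted(gaps, key=lambda v: (-v.criticality, v.id))]


if __name__ == "__main__":
    rep = coverage_report(THREAT_VECTORS, DETECTIONS)
    print(f"coverage: {rep['ratio']:.0%} of threat vectors")
    for tech, ok in sorted(rep["techniques"].items()):
        print(f"  {tech}: {'covered' if ok else 'GAP'}")
    print("gaps by priority:", prioritise_gaps(THREAT_VECTORS, DETECTIONS))
```

Note that DET-0002 exists but is still a draft, so TV-0002 (and its technique T1558.003) correctly shows as a gap: reporting coverage from the object lifecycle state rather than from the mere existence of a detection file is what keeps the report honest.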