2024-10-25 –, Europe - Main Room
As cyber threats continue to evolve, traditional adversary simulation methods are struggling to keep pace with the sophisticated tactics, techniques, and procedures (TTPs) used by attackers today. In this talk, we explore the shortcomings of current simulation frameworks and introduce the ACTOR Model, a comprehensive and forward-thinking approach designed to overcome these challenges.
Leveraging real-world insights and integrating the MITRE ATT&CK framework and Structured Threat Information Expression (STIX) data, the ACTOR Model enhances realism, scalability, and customization in adversary simulation. Through the lens of humor and deep technical analysis, we declare the end of outdated methods and present the future of simulation: a strategic, adaptable, and highly effective framework that equips organizations to stay ahead of adversaries. Join us as we dive into the next generation of adversary simulation — it’s far from dead, it’s just evolving.
The landscape of cyber threats has outgrown many of the traditional methods used in adversary simulation. Enter the ACTOR Model: a fresh and comprehensive framework that addresses the limitations of current simulation tools. In this talk, titled "Adversary Simulation is dead, long live Adversary Simulation!", Tristan Madani takes you through a humorous yet deeply technical journey of how adversary simulation has evolved. The session will explore the five key components of the ACTOR Model—Adversary, Capabilities, Target, Operations, and Results—while showing how they interconnect to create realistic, customizable simulations that reflect modern-day cyber threats.
Whether you're a security practitioner looking to refine your approach to adversary simulation or simply intrigued by the future of cybersecurity, this talk will offer valuable insights into how the ACTOR Model bridges the gap between theory and practical defense strategies. It’s not just about surviving the cyber battlefield; it's about simulating it with precision, foresight, and strategy.
Tristan is a dedicated and motivated professional committed to delivering positive results and fostering continuous improvement in his work. Over the years, he has accumulated extensive experience in both Offensive (Red Teaming, Penetration Testing, Vulnerability Research) and Defensive Security (Threat Hunting, Incident Response, Digital Forensics, Malware Reverse Engineering), as well as systems and networks. Additionally, Tristan finds fulfillment in sharing his knowledge through Cyber Security Training, recognizing the value of collaboration and ongoing learning in this dynamic field.