Itzel Vazquez Sandoval
Itzel is a computer scientist and software engineer who enjoys research on computational logic, cryptography, and their intersection. She embraces the challenges of exploring and innovating in these fields for the design and development of information security solutions in diverse domains.
Abstractions Lab provides solutions for the trustworthiness and security of digital systems. We apply and advance state-of-the-art results in computer science and mathematics, to design, develop, and analyze conceptual solutions and concrete tools for secure software and cyber physical systems. We are driven by the belief that cryptography and formal methods form the mathematical foundation for building correct and secure systems.
Session
This workshop offers a hands-on presentation of two open-source tools from the CyFORT project, bridging the gap between state-of-the-art academic research and real-world SOC/CSIRT operations: IDPS-ESCAPE, a SOAR platform with an AI-driven anomaly detection toolbox (ADBox), and SATRAP, a platform for computer-aided analysis of Cyber Threat Intelligence (CTI) assisted by logic-based automated reasoning.
Participants will learn how to integrate an open-source SIEM (Wazuh) with ADBox and its Multivariate Time-Series Anomaly Detection via Graph Attention Networks (MTAD-GAT) algorithm, as well as how to configure anomaly detectors by training new ML models and using them on SIEM-level ingested data to respond to adversarial attacks, and automate response workflows. They will also gain hands-on experience setting up a CTI knowledge base and streamlining CTI analysis investigations using the CTI Analysis Toolbox of SATRAP.