BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//speaker//X9QCJN
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesluxembourg-2026-JRZGUH@pretalx.com
DTSTART;TZID=CET:20260507T154000
DTEND;TZID=CET:20260507T162000
DESCRIPTION:Security teams no longer need to manually configure and perform
  purple team exercises. It is possible to automate and orchestrate all thi
 s flow with a combination of automation and artificial intelligence.\n\nPo
 wered by n8n\, Elastic\, Caldera\, TheHive\, and LLMs\, this orchestration
  requires zero manual effort after launch. It continuously fetches and upd
 ates APT profiles\, executes attack techniques\, and analyzes detection lo
 gs in the alerting system. If a technique is not detected the system check
 s SIEM logs\, if the activity is logged\, it suggests a Sigma use case. If
  both detection and logging are absent\, the system recommends configurati
 on adjustments to ensure future visibility.\n\nIn addition\, security team
 s no longer need to manually perform Threat profiling to select the correc
 t adversary TTPs. The system analyzes the target organization’s landscap
 e and intelligently suggests the most relevant APT attack scenarios\, or a
 llows users to select one.\n\n The final output is a comprehensive report 
 detailing the detection rate\, logging rate\, technique descriptions\, and
  recommendations to enhance visibility by suggesting new Sigma rules and r
 efining logging configurations.\n\nThis is not just another attack simulat
 ion tool\, it’s a scalable and flexible AI-driven automation workflow th
 at can be adapted depending on the technologies in your environment while 
 continuously optimizing detection\, helping defenders stay ahead of evolvi
 ng threats.
DTSTAMP:20260502T120409Z
LOCATION:IFEN room 1\, Workshops and Detection Engineering village (Buildin
 g D)
SUMMARY:Goodbye Purple Team\, Hello Purple Bots - Patrick Mkhael\, Ralph El
  Khoury
URL:https://pretalx.com/bsidesluxembourg-2026/talk/JRZGUH/
END:VEVENT
END:VCALENDAR