hack.lu 2023

TIDeMEC: A Detection Engineering platform homegrown at the European Commission
10-18, 13:40–13:45 (Europe/Luxembourg), Salle Europe

Introducing 🌊TIDeMEC: Threat Informed Detection Modelling and Engineering as Code, the platform powering DIGIT S2 CATCH Detection Engineering operations, planned to go open source for the benefit of the SOC community in Europe and beyond.


TIDeMEC is a platform that has been built over the better part of the past 2 years at the EC, and builds on top of years of astute observations of what goes wrong in the detection engineering field. It is an opinionated end-to-end platform, data model, framework and solution built on top of DevOps and as-code principles, with an emphasis on traceability, consistency, safety and automation. The data model of TIDeMEC scales from the input of a threat intelligence signal to the deployment of a detection rule whilst maintaining programmatic relations between actors, threats, detection objectives, and rules. We will also lay out the plans for TIDeX, a potential exchange built on top of the TIDeMEC data objects with the vision to connect SOCs with precise and actionable knowledge objects.

Amine is a private contractor focused on designing and engineering large scalable detection systems for his clients, with a track record of innovative solutions deployed in critical sectors and challenging environments.