Future Community Call Topics #11

Open
twentysixmoons opened this issue Nov 26, 2024 · 7 comments

@twentysixmoons
Contributor

twentysixmoons commented Nov 26, 2024

So far we've completed two community calls:

  • Cyber Security & Open Source : Hacktoberfest with Arachne Digital
  • Open Source Cyber Security: A Walkthrough of Thread

Ideas for next up - Working titles 🧠:

  • Open source cyber security: How to be a contributor
    This might be good to take learnings from the book we have "Approachable Open source" and also share how to contribute to Arachne projects specifically. We could highlight others in the ecosystem too.

  • Open Source Cyber Security: Co-creating our futures
    I see this as a panel. I think it might be useful to include someone from DISARM, Arachne, and Maybe OSSF for outlook on why it's so important that we continue to grow and collaborate cyber security work. Bringing in a guest moderator might be nice too. Antonio comes to mind as someone who might be good if he's open to it. Maybe a perspective from an organization that also uses cyber security and sees it as an important part of organizational planning too.

  • Open Source Cyber Security: Contributing to the Broader Ecosystem
    This one might be a good start or point for us to share for Good Consumers of Open Source #6 and be a call to action for being good stewards for Open Source and implementing best practices for support.

Open to other ideas & brainstorming

@twentysixmoons twentysixmoons self-assigned this Nov 26, 2024
@twentysixmoons twentysixmoons converted this from a draft issue Nov 26, 2024
@twentysixmoons twentysixmoons added good first issue Good for newcomers help wanted Extra attention is needed labels Nov 26, 2024
@twentysixmoons twentysixmoons moved this from Backlog to Ready in Community Building Nov 28, 2024
@jecarr
Member

jecarr commented Nov 28, 2024

Nice ideas! I think another one could be the sequel to the Thread call and focus on the Mitre Attack framework.

  • Show an example of a processed URL which we know talks about attacks x, y, z
  • Explore the Mitre Attack framework and decide where in the framework covers attacks x, y, z
  • Example with Thread report mapping those attacks to flagged sentences

Possibly not relevant if the first Thread call covered this already? The intention would be to introduce the Mitre Attack framework to anyone new to it whilst using a Thread report as an example to explain some TTPs

@twentysixmoons
Contributor Author

I think going over Mitre would be a great idea, @jecarr ! I know other videos do but it would be helpful to hear in our context and more timely. We've touched on Mitre in both of our previous calls but I think it does deserve a deep dive and also might help to contextualize what DISARM is doing in the misinformation space.

I'm currently seeing things play like this now:

  • Mitre deep-dive (December)
  • Break (Jan)
  • Panel - Co-creating our futures (Feb)
  • How to be a Contributor (March)
  • Contributing to the Broader Ecosystem (April)
  • Break in May
  • June - TBD
  • July - TBD
  • August - TBD
  • Break September// Preptober
  • October (Hacktoberfest part 2)
  • Nov - TBD
  • Dec - TBD

@KadeMorton
Member

In line with the MITRE ATT&CK, it might be good to do a DISARM webinar as well and really walk through the framework. I think the DISARM Foundation would be keen to supply a speaker.

@twentysixmoons
Contributor Author

@KadeMorton does our partnership agreement end this month or/and are we renewing?

@KadeMorton
Member

@twentysixmoons Let me check the date, we are renewing.

@KadeMorton
Member

KadeMorton commented Dec 8, 2024

@twentysixmoons you asked for more feedback on these. Here are some further thoughts:

Open source cyber security: How to be a contributor
This might be good to take learnings from the book we have "Approachable Open source" and also share how to contribute to Arachne projects specifically. We could highlight others in the ecosystem too.

I think this is a really good idea. I really want to take a pragmatic and evidence based approach to this so I'd be really keen for a talk that looks at the advice in the book, looks at how we implemented it and what we found. Did it work? Did it not? Do we have anything to add to the discussion around how best to facilitate open source based on our learnings? This might take some time as far as implementing the ideas of Approachable Open Source and gathering feedback, but I think it would be an incredibly useful talk.

Open Source Cyber Security: Co-creating our futures
I see this as a panel. I think it might be useful to include someone from DISARM, Arachne, and Maybe OSSF for outlook on why it's so important that we continue to grow and collaborate cyber security work. Bringing in a guest moderator might be nice too. Antonio comes to mind as someone who might be good if he's open to it. Maybe a perspective from an organization that also uses cyber security and sees it as an important part of organizational planning too.

I agree with all of this, and I think we should loop in the people we are thinking about having on the panel to get their take. I'd be keen to let them help shape up the topic so that it is something that is meaningful to them. I think one element to definitely include is the importance of diverse voices.

Open Source Cyber Security: Contributing to the Broader Ecosystem
This one might be a good start or point for us to share for #6 and be a call to action for being good stewards for Open Source and implementing best practices for support.

Yes to all this. I personally think we should go into this talk already having a bit of a framework worked out and a bit of a plan on how to move forward. It does not have to be finished, but I think a conversation around "Is this tangible thing and the plan to drive it forward good? What changes do people want to see? How do people want to be involved in this draft plan?" is better than "let's discuss this ephemeral idea with no clear plan on how to move forward". As we develop this, I'd be keen to involve as many people as we can in this early iteration, and then the call can be a look at where we've gotten to date and what's planned next.

As you pointed out @twentysixmoons, @jecarr's idea around MITRE is also a good one given ATT&CK is so pivotal to what we do. ATT&CK comes in different flavours, like Enterprise (what we use currently), ICS, Mobile and others, and then there are ATT&CK like frameworks such as DISARM. We can look at doing talks on all of these, but we would want to look at doing them closer to Thread implementing those frameworks.

I gave a talk in the past on the 2016 U.S. election hack and leak drama. Just giving that as a webinar I think would be useful. We have slides of this.

I've also previously given a talk on APT29 and looking at them over a long time period. That talk is now relatively old so if we did that again I'd redo it from scratch. I might also pick a different group to look at. If these talks are well received there are hundreds of groups to choose from. We could also try and be topical and give talks on groups that are currently making headlines. Two that are big right now are Volt Typhoon and Salt Typhoon.

We've now given a talk on Thread. We can also give a talk on Tracery and a talk on Spindle.

I think a talk purely on Threat Informed Defence is a good idea as again, it's foundational to what we do.

We have a very particular approach to our cyber threat actor naming convention. I wrote a blog post on it: https://medium.com/p/96e1caad5eb7

We also have two blog posts that so far have done really well, https://medium.com/p/a16b3fac8123 and https://medium.com/p/31334b7b0a7d We could talk about those. I'd be keen to pull in experts on different aspects of those stories to get a well rounded take.

Once we regularly have more people attending we could look at an AMA style webinar and answer questions from people. We could also seek a few questions from our Slack community ahead of time to ensure we can fill the time slot.

@twentysixmoons twentysixmoons moved this from Ready to In progress in Community Building Dec 20, 2024
@twentysixmoons twentysixmoons moved this from In progress to In review in Community Building Dec 27, 2024
@twentysixmoons
Contributor Author

I've been working on a Miro planning board and Google Doc for getting all our events planned out. Both can be viewed and linked in this work-in-progress document.

I'll be connecting virtually on Slack to get some points ironed out and reviewed:
https://docs.google.com/document/d/16o8-UrosothPLm7XwVH07D-fmO_JKRNWS1TjkMEzVik/edit?usp=sharing


3 participants