Pending AI-Assisted Detection Engineering: Practical Blue Team Workflows with LLMs, Sigma, and MITRE ATT&CK
Learn how security teams can use LLMs and threat intelligence to accelerate detection engineering while maintaining human oversight. Practice realistic blue team workflows, including translating threat intelligence into detection ideas, MITRE ATT&CK mapping, and Sigma rule refinement. The training avoids blind faith in automation and emphasizes human decision-making and validation, so that you can master AI integration that improves the speed and consistency of SOC and incident response.
Training Outline
-
Title
AI-Assisted Detection Engineering: Practical Blue Team Workflows with LLMs, Sigma, and MITRE ATT&CK
-
Trainer
Martin Cvetko (CCDCOE: NATO Cooperative Centre for Cyber Defence)
Takahiko Aoyama (CCDCOE)
Tinna Sigurdardottir (Hybrid CoE: European Centre for Hybrid Threat Countermeasures)
-
Language
English
-
Date
2026-11-13 9:00 - 18:30
2026-11-14 9:00 - 18:30
2026-11-15 9:00 - 18:30
-
Venue
Bellesalle Shinjuku Grand Conference Center (5F)
-
Capacity
TBD
-
Remarks
Includes a 2-day conference ticket (November 17th to 18th, 2026) for training attendees