CETIC intervened in this event to present the use of MITRE ATT&CK® and l’European Cybersecurity Skills Framework for Cyber Range scenario generation.
Cyber ranges are dedicated platforms to train security experts in various security activities. Training scenarios aimed at improving trainees skills are mostly designed manually by security experts. This is a time consuming task. Sebastien Dupont presented some results of the CRS research project, where we propose a method and tooling to automatically generate Cyber Range configurations and security training scenarios, deploy them in a cyber range and provide training session feedback and recommendations to participants.
In order to measure the trainees skills, we rely on the new ENISA Cybersecurity Skills Framework (ECSF) which proposes an understanding of the cybersecurity professional role profiles and common mappings with the appropriate skills and competences required.
We presented how we combine the ECSF with MITRE ATT&CK and D3FEND techniques and tactics to generate scenarios that fit the trainee skills improvement objectives.
View online : https://www.linkedin.com/events/11t...