Roberto Rodriguez on Project Mordor

NEW DATE! DECEMBER 18 | 11:00 AM MT

The Mordor project is a great resource for anyone who wants to figure out how malicious behavior manifests in security data or develop and test detection analytics against real-world attacks. The datasets are organized to align with MITRE ATT&CK and consist of telemetry generated by security tooling—like Sysmon or Windows Event logs—after simulating an adversary technique in a controlled environment.

In our next Atomic Friday, developer and maintainer Roberto Rodriguez will discuss the goals and methodology behind the project and share practical ways researchers can use it to expedite data analysis.

This informal discussion will cover:

  • Why and how Mordor was developed
  • Methodology used to create Mordor datasets
  • Modeling adversarial behavior through data
  • Using Atomic Red Team and Mordor datasets