-
Notifications
You must be signed in to change notification settings - Fork 324
Mal.Con '24 Announcement
Seth Grover edited this page Aug 27, 2024
·
37 revisions
We're excited to announce Mal.Con '24, a technical exchange dedicated to technical discussions, capability demonstrations, and road-mapping future development and training activities for Malcolm!
- For Virtual Attendees:
- Microsoft Teams Live will be used for the broadcast
- Microphones will remain off, and engagement will be through the chat room
- The conference link is included in the meeting invite and will be posted temporarily here on the Malcolm GitHub Wiki
- A team will monitor the chatroom for virtual attendees
- During breaks and lunch, the chat will continue to be monitored, and notifications will be sent when presentations resume
- For In-Person Attendees:
- Location: 4200 Wilson Blvd, Arlington, VA 22203 – 7th Floor Conference Room
- Time: Registration begins at 8:00am ET with content from 9:00am-5:00pm ET. See the full schedule below.
- Visitors should meet CISA staff in the front lobby to proceed through security and to registration on the 7th floor
- Follow general security rules: avoid bringing anything not allowed on a plane
- Lunch & Refreshments
- Lunch & refreshments will not be provided by CISA
- Attendees will have time to grab lunch from around 12:00-1:15pm ET
- There are many lunch options within walking distance & CISA staff can help with recommendations, or you can bring your own and eat in the conference room
- We recommend bringing bottled water to the event, although a limited amount of bottled water will be available on-site
- Other refreshments will not be available, but there are plenty of coffee shops nearby
- Dress: Casual
- Getting There
- Public Transportation: Ballston Metro Station (Orange/Silver Line)
- Parking: Daily Paid Parking is available at 627 N Glebe Rd, Arlington, VA 22203
| Time Start | Time End | Duration (min.) | Discussion/Activity | Presenter/Speaker |
|---|---|---|---|---|
| 08:00 AM | 09:00 AM | 60 | Check-In | |
| 09:00 AM | 09:10 AM | 10 | Opening Remarks | Shaun Long (CISA) |
| 09:10 AM | 09:20 AM | 10 | Leadership Remarks | EAD Green |
| 09:20 AM | 09:55 AM | 35 | Malcolm Tech Roadmap | Seth Grover (INL) & Shaun Long |
| 09:55 AM | 10:05 AM | 10 | Break | |
| 10:05 AM | 10:50 AM | 45 | ACID Zeek Behavior Detections | Jake Steele & Jack Cyprus (MITRE) |
| 10:50 AM | 11:00 AM | 10 | Break | |
| 11:00 AM | 12:00 PM | 60 | Parsnip Overview & Use Cases | Melanie Pierce & Christopher Becker (INL) |
| 12:00 PM | 01:15 PM | 75 | Lunch | |
| 01:15 PM | 01:55 PM | 40 | NLP Plugin For Opensearch Dashboards | Michelle Dowling (PNNL) |
| 01:55 PM | 02:10 PM | 15 | Malcolm tech improvements from simulated IR & TH engagements | Jason Allnutt (CISA) |
| 02:10 PM | 02:45 PM | 35 | Malcolm usage across Europe; Malcolm/NetBox CSAF plugin | Jens Weisner (BSI) |
| 02:45 PM | 03:00 PM | 15 | Break | |
| 03:00 PM | 03:40 PM | 40 | NetBox - OT Asset Inventory | Sam Lee & Jake Duda (CISA) |
| 03:40 PM | 04:20 PM | 40 | Malcolm & EKS in the Cloud | Amazon AWS Team |
| 04:20 PM | 04:40 PM | 20 | PSA – 3 Minutes on Malcolm | Open to Public |
| 04:40 PM | 04:50 PM | 10 | CTF Results | Sara Hudson (INL) & Shaun Long |
| 04:50 PM | 05:00 PM | 10 | Closing Remarks | Kim Sanders |
Here is a small sample of some of the presentations we have lined up:
- How to use NetBox to inventory your ICS network and how are we making asset description easier for owner/operators
- CISA & MITRE's new open-source package ACID: advanced detections & behavioral analysis for OT protocols
- CISA & INL's new open-source protocol parser toolkit, Parsnip: overview & deep-dive demonstration
- ICS Capture-the-Flag running 8/31-9/4 with live awards presentation at Mal.Con '24
- Register for the CTF starting on August 24th
A few asks:
- Please take a moment to fill out this registration if you plan to attend either in person or remotely.
- Pass this around to others who may be interested!
Thank you for your support with this event! We're planning to post updates for the event here on GitHub and we will send direct email reminders as we get closer to Mal.Con '24.