Cyber Deception - AttivoNetwork

•

1 like•216 views

This document discusses cyber deception techniques for detecting cyber attacks. It introduces concepts like using decoys and breadcrumbs like credential lures and file lures to detect attackers moving laterally in a network. It also discusses the MITRE attack framework and deception placement using tactics like decoys and breadcrumbs to detect attackers at each phase of an intrusion kill chain. The document is intended to provide proposal information for customers on cyber deception implementation.

Technology

Deception
January 20, 2020
Du Vu Duc
Post Sale Manager
Email: DuVD@mi2.com.vn
Mobile: +84984852758
Classification: Tech Dept - Proposal Info - Customer Use

Classification: Tech Dept - Proposal Info - Customer Use
Concepts
Mechanism
Implementation
Q&A
Cyber Deception

Attack (intrustion) Kill chain – AttivoNetwork

Concepts: Breadcrumds aka Lures
• Credential & Active Directory
breadcrumbs
• File & Data breadcrumbs
• Network breadcrumbs
• Application breadcrumbs

Concepts: Active Directory Kill Chain
Attack & Defense

Classification: Tech Dept - Proposal Info - Customer Use
Du Vu Duc| Post-Sales Manager
Email: DuVD@Mi2.com.vn
Mobile: +84984852758

Deception is always a best defense in depth tactics being used by defenders league be it in People war or Cyber war in current age. Best of the military tactics are engaged in using deception as a key tactics which is under revolution to be followed in day to day defensive techniques by organisations to safeguard themselves from Advance Persistent Threats or we call APT's. In this session we will try to cover the Present, Past and Future of the deception technologies along with adoption of the upcoming counter technique by Defenders League.

SACON - Deception Technology (Sahir Hidayatullah)

Priyanka Aash

Deception Technology: Use Cases & Implementation Approaches

Priyanka Aash

AppSec & DevSecOps Metrics: Key Performance Indicators (KPIs) to Measure Success

Robert Grupe, CSSLP CISSP PE PMP

This session is for organizational executive managers and security teams who want to know the effectiveness and performance of their organization’s application security initiatives. Introductory performance KPI metrics covered for: 1. Product Security Quality & Business Financial Risk Exposure 2. SSDLC Maturity Organizational Performance 3. AppSec QA Testing 4. AppSec Consulting 5. AppSec Training 6. DevSecOps

MITRE ATT&CK framework

Bhushan Gurav

Threat Hunting - Moving from the ad hoc to the formal

Priyanka Aash

In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.

The shift left approach in DevOps moves software testing earlier in its lifecycle to prevent defects early in the software delivery process. How can developers use this approach to ensure security? Josh Thorngren, VP of Marketing at Twistlock, will explain what it means to shift left, and share five steps to ensure a successful transition to a shift left approach with DevOps. Join this webinar to learn: Best practices in adopting a successful shift to the left How ‘shifting left’ promotes security How developers are the new security guards in protecting company information

Managing & Showing Value during Red Team Engagements & Purple Team Exercises ...

Jorge Orchilles

Join Jorge Orchilles and Phil Wainwright as they cover how to show value during Red and Purple Team exercises with a free platform, VECTR. VECTR is included in SANS Slingshot C2 Matrix Edition so you can follow along the presentation and live demos. VECTR is a free platform for planning and tracking of your red and purple team exercises and alignment to blue team detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting Test Cases to simulate adversary threats. Campaigns can be broad and span activity across the kill chain or ATT&CK tactics, from initial access to privilege escalation and lateral movement and so on, or can be a narrow in scope to focus on specific defensive controls, tools, and infrastructure. VECTR is designed to promote full transparency between offense and defense, encourage training between team members, and improve detection, prevention & response capabilities across cloud and on-premise environments. Common use cases for VECTR are measuring your defenses over time against the MITRE ATT&CK framework, creating custom red team scenarios and adversary emulation plans, and assisting with toolset evaluations. VECTR is meant to be used over time with targeted campaigns, iteration, and measurable enhancements to both red team skills and blue team detection capabilities. Ultimately the goal of VECTR is to help organizations level up and promote a platform that encourages community sharing of CTI that is useful for red teamers, blue teamers, threat intel teams, security engineering, any number of other cyber roles, and helps management show increasing maturity in their programs and justification of whats working, whats not, and where additional investment might be needed in tools and team members to bring it all together.

Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research

MITRE - ATT&CKcon

From MITRE ATT&CKcon Power Hour October 2020 By: Aunshul Rege, Associate Professor, Temple University, @prof_rege Rachel Bleiman, PhD Student/NSF Graduate Research Assistant, Temple University, @rab1928 This presentation from the MITRE ATT&CKcon Power Hour session on October 9, 2020, explores the application of the MITRE ATT&CK® and PRE-ATT&CK matrices in cybercrime education and research. Specifically, Rege and Bleiman demonstrate the mapping of the PRE-ATT&CK matrix to social engineering case studies as an experiential learning project in an upper-level cybercrime liberal arts course. It thus allows students to understand the alignment process of threat intelligence to the PRE-ATT&CK framework and also learn about its usefulness/limitations. The talk also discusses the mapping of the ATT&CK matrix, tactics, techniques, software, and groups for two cybercrime datasets created by collating publicly disclosed incidents: (i) critical infrastructure ransomware (CIRW) incidents, and (ii) social engineering (SE) incidents. For the CIRW dataset, 39% of the strains mapped onto the ATT&CK software. For the SE dataset, 49% of the groups and 65% of the techniques map on to the MITRE framework. This helps the researchers identify the framework's usefulness/limitations and also helps our datasets connect to richer information that may not otherwise be available in the publicly disclosed incidents.

Purple team strategy_lascon_2016

Trupti Shiralkar, CISSP

Lately, monolithic applications have been replaced by more complex and evolving micro-service oriented architecture. Moreover, with the rise of CI/CD, DevOps, and agile SDLC, the need for building security as a core line of business has become an indispensable requirement. Within this framework, the traditional security evaluation approach, or the new secure DevOps approach implemented using small security teams (blue team, red team, DevOps security team, etc.) present both limitations and advantages. Specifically, the checkpoint approach slows down deployments, and not all types of security assessments can be automated in CI/CD. In this presentation, I suggest that a purple team strategy is the best way to weave security across business units in an organization. Purple teams are security teams that consolidate the defensive security controls prominently learnt from blue teams with the vulnerabilities and exploitation techniques utilized by red teams, into a single score. A purple team approach can break artificial boundaries and transform security from a checkpoint to a semi-mystical function. Successful collaboration between purple team members and developers/devOps engineers will bridge the operational gap between implementation and verification of defensive controls, while using exploitation techniques will reduce the issue identification and remediation time significantly. Adopting a purple team approach can also break the negative stereotype associated with security professionals and security testing. In this talk, the audience will learn the traits and methodology of purple teams and how they are used to influence security among various groups, while augmenting the effectiveness and influence of application security programs.

Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT

Tenchi Security

O princípio básico para se detectar é ter visibilidade. Muitas empresas investem em produtos caros mas dificilmente possuem um processo para aferir a qualidade das informações, se elas realmente estão chegando onde deveriam e por final, se a mesma geram alertas de detecção. A idéia da palestra é demonstrar como ATT&CK juntamente com o projeto DeTT&CT podem te ajudar nessa validação. Além de validar como estão as fontes de dados, qualidade dos eventos, superfície coberta da empresa, essa combinação proporciona que os time defensivos ou Blue Team, consigam rapidamente analisar qual o risco de uma nova ameaça, grupo de APT, nova ferramenta maliciosa, gerar KPI para demonstrar evolução e ajudar na escolha de novas ferramentas necessárias.

MITRE ATT&CKcon 2018: ATT&CK: All the Things, Neelsen Cyrus and David Thompso...

MITRE - ATT&CKcon

Governance of security operation centers

Brencil Kaimba

An in-depth look at: 1. Disruptive Technology and its impact on organizations. 2. Need for a Security Operations Center (SOC) for the 21st century businesses 3. Designing and operating an effective SOC - what it takes to run a successful SOC starting from how we should prepare our minds in terms of approach to the actual implementation and operation. 4. Qualities any SOC Analyst should possess 5. Measuring the success of a SOC - We discuss critical factors to consider when determining the success of a SOC.

The Rise of the Purple Team

Priyanka Aash

As attacker tactics, techniques and procedures evolve, so must the defenses and strategy used to defend against them. Traditional red teaming presents an opportunity to find gaps in security, but leaves more valuable information unabsorbed. Results and methodologies used in red team assessments can drive protections in place use by blue teams and a larger program and vice versa. (Source: RSA USA 2016-San Francisco)

Building a Successful Internal Adversarial Simulation Team - Chris Gates & Ch...

Chris Gates

Brucon 2016 The evolution chain in security testing is fundamentally broken due to a lack of understanding, reduction of scope, and a reliance on vulnerability “whack a mole.” To help break the barriers of the common security program we are going to have to divorce ourselves from the metrics of vulnerability statistics and Pavlovian risk color charts and really get to work on how our security programs perform during a REAL event. To do so, we must create an entirely new set of metrics, tests, procedures, implementations and repeatable process. It is extremely rare that a vulnerability causes a direct risk to an environment, it is usually what the attacker DOES with the access gained that matters. In this talk we will discuss the way that Internal and external teams have been created to simulate a REAL WORLD attack and work hand in hand with the Defensive teams to measure the environments resistance to the attacks. We will demonstrate attacks, capabilities, TTP’s tracking, trending, positive metrics, hunt integration and most of all we will lay out a road map to STOP this nonsense of Red vs BLUE and realize that we are all on the same team. Sparring and training every day to be ready for the fight when it comes to us.

Mapping ATT&CK Techniques to ENGAGE Activities

MITRE ATT&CK

From ATT&CKcon 3.0 By David Barroso, CounterCraft When an adversary engages in a specific behavior, they are vulnerable to expose an unintended weakness. By looking at each ATT&CK technique, we can examine the weaknesses revealed and identify an engagement activity or activities to exploit this weakness. During the presentation we will see some real examples of how we can use different ATT&CK techniques in order to plan different adversary engagement activities.

Threat Modelling

n|u - The Open Security Community

Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...

Chris Gates

Sector 2016 Chris Gates & Haydn Johnson Purple Teaming is conducting focused Red Teams with clear training objectives for the Blue Team for the ultimate goal of improving the organization’s overall security posture. The popular opinion is that Purple Teaming requires a big undertaking. This is not true and we will show practical exercises for Purple Teaming for varying levels of organizational maturity using the Cyber Kill Chain[1] as our framework.

ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...

MITRE ATT&CK

Effective Threat Hunting with Tactical Threat Intelligence

Dhruv Majumdar

Building an InfoSec RedTeam

Dan Vasile

Putting MITRE ATT&CK into Action with What You Have, Where You Are

Katie Nickels

Threat-Based Adversary Emulation with MITRE ATT&CK

Katie Nickels

BSidesLV 2018 - Katie Nickels and John Wunder - ATT&CKing the Status Quo

Katie Nickels

Evolution of Offensive Testing - ATT&CK-based Adversary Emulation Plans

Christopher Korban

M4 Ch 1 Cyber Security.pdf

JitendraBhatia15

Who is the next target proactive approaches to data security

Ulf Mattsson

The landscape of threats to sensitive data is changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to react properly to the shifts around them. What's needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.

What's hot

Honeypot and deception

milad saber

Shift Left Security - The What, Why and How

DevOps.com

Managing & Showing Value during Red Team Engagements & Purple Team Exercises ...

Jorge Orchilles

Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research

MITRE - ATT&CKcon

Purple team strategy_lascon_2016

Trupti Shiralkar, CISSP

Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT

Tenchi Security

MITRE ATT&CKcon 2018: ATT&CK: All the Things, Neelsen Cyrus and David Thompso...

MITRE - ATT&CKcon

Governance of security operation centers

Brencil Kaimba

The Rise of the Purple Team

Priyanka Aash

Building a Successful Internal Adversarial Simulation Team - Chris Gates & Ch...

Chris Gates

Mapping ATT&CK Techniques to ENGAGE Activities

MITRE ATT&CK

Threat Modelling

n|u - The Open Security Community

Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...

Chris Gates

ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...

MITRE ATT&CK

Effective Threat Hunting with Tactical Threat Intelligence

Dhruv Majumdar

Building an InfoSec RedTeam

Dan Vasile

Putting MITRE ATT&CK into Action with What You Have, Where You Are

Katie Nickels

Threat-Based Adversary Emulation with MITRE ATT&CK

Katie Nickels

BSidesLV 2018 - Katie Nickels and John Wunder - ATT&CKing the Status Quo

Katie Nickels

Evolution of Offensive Testing - ATT&CK-based Adversary Emulation Plans

Christopher Korban

What's hot (20)

Honeypot and deception

Shift Left Security - The What, Why and How

Managing & Showing Value during Red Team Engagements & Purple Team Exercises ...

Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research

Purple team strategy_lascon_2016

Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT

MITRE ATT&CKcon 2018: ATT&CK: All the Things, Neelsen Cyrus and David Thompso...

Governance of security operation centers

The Rise of the Purple Team

Building a Successful Internal Adversarial Simulation Team - Chris Gates & Ch...

Mapping ATT&CK Techniques to ENGAGE Activities

Threat Modelling

Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...

ATT&CK is the Best Defense - Emulating Sophisticated Adversary Malware to Bol...

Effective Threat Hunting with Tactical Threat Intelligence

Building an InfoSec RedTeam

Putting MITRE ATT&CK into Action with What You Have, Where You Are

Threat-Based Adversary Emulation with MITRE ATT&CK

BSidesLV 2018 - Katie Nickels and John Wunder - ATT&CKing the Status Quo

Evolution of Offensive Testing - ATT&CK-based Adversary Emulation Plans

Similar to Cyber Deception - AttivoNetwork

M4 Ch 1 Cyber Security.pdf

JitendraBhatia15

Who is the next target proactive approaches to data security

Ulf Mattsson

[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf

james yoo

Power Plants Security Webinar Presentation

Certrec

Certrec’s Fas Mosleh presents some of the biggest cyber threats currently targeting utilities. This webinar includes examples of attacks on utilities that have happened in recent years and action steps to prevent future breaches. As cyber-attacks from nation-state and domestic threats increase, it is important that power plants meet these threats to avoid costly reputational and equipment damage. For more, visit: https://www.certrec.com/

Where Data Security and Value of Data Meet in the Cloud

Ulf Mattsson

Practical risk management for the multi cloud

Ulf Mattsson

This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools. We will review the JP Morgan Chase data breach were hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks as Capital One that recently had a data breach where a hacker gained access to 100 million credit card applications and accounts. Viewers will also learn about: - Macro trends in Cloud security and Micro trends in Cloud security - Risks from Quantum Computing and when we should move to alternate forms of encryption - Review “Kill Chains” from Lockhead Martin in relation to APT and DDoS Attacks - Risk Management methods from ISACA and other organizations Speaker: Ulf Mattsson, Head of Innovation, TokenEx

Cyber security course in kerala | C|PENT | Blitz Academy

ananthakrishnansblit

Cyber security courses in Kerala , kochi

amallblitz0

The Future of Cybersecurity courses.pptx

RykaBhatt

Exploring the Defender's Advantage

Raffael Marty

Key note in nyc the next breach target and how oracle can help - nyoug

Ulf Mattsson

Old security approaches are based on finding malware and data leaks. This is like "boiling the ocean," since you are “patching” all possible data paths and data stores, and you may not even find a trace of an attack. New security approaches assume that you are under attack and focus instead on protecting the data itself, even in computer memory (the “target” for a growing number of attacks). This session discusses what companies can do now to prevent what happened to Target and others processing PII, PHI and PCI data. The Oracle Big Data Appliance is a critical part of the solution.

DDS Secure Intro

John Breitenbach

(SACON) Dr. James Stanger - Surfing today’s emerging tech: A policy-based app...

Priyanka Aash

Cyber security course in Kerala , Kochi

amallblitz0

GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution

Shah Sheikh

Industrial Cybersecurity and Critical Infrastructure Protection in EuropePositive Hack Days

The Enterprise Internet of Things: Think Security First

Dell World

The proliferation of connected products and equipment creates an almost limitless combination of physical-cyber intersections and opportunities for security breaches. Designing enterprise Internet of Things (IoT) ecosystems must start with identifying potential security vulnerabilities and developing a unified security approach to keep a step ahead of threats and maintain a predictive, proactive security posture. Securing IoT ecosystems is complex but with the industry's broadest portfolio of security tools and expertise—and a holistic approach—Dell helps reduce security risk to ensure your enterprise infrastructure and data remain safe, secure and private. This session will discuss the unique security risks in IoT ecosystems and the strategies and tools for addressing them.

Retail Week: Cloud Security

Datapipe

Ciberseguridad en el mundo de la IA

Cristian Garcia G.

2023 es el año de la irrupción generalizada de la Inteligencia Artificial, y las empresas y los usuarios se están beneficiando de ellas; sin embargo los atacantes también lo hacen y aprovechan generando ataques cada vez más sofisticados, que impactan una superficie de ataque extendida en muchos vectores. Cómo entender la ciberseguridad en esta realidad y prevenir los ataques para evitar su impacto en nuestras vidas

Cloud Security: Perception Vs. Reality

Internap

Similar to Cyber Deception - AttivoNetwork (20)

M4 Ch 1 Cyber Security.pdf

Who is the next target proactive approaches to data security

[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf

Power Plants Security Webinar Presentation

Where Data Security and Value of Data Meet in the Cloud

Practical risk management for the multi cloud

Cyber security course in kerala | C|PENT | Blitz Academy

Cyber security courses in Kerala , kochi

The Future of Cybersecurity courses.pptx

Exploring the Defender's Advantage

Key note in nyc the next breach target and how oracle can help - nyoug

DDS Secure Intro

(SACON) Dr. James Stanger - Surfing today’s emerging tech: A policy-based app...

Cyber security course in Kerala , Kochi

GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution

Industrial Cybersecurity and Critical Infrastructure Protection in Europe

The Enterprise Internet of Things: Think Security First

Retail Week: Cloud Security

Ciberseguridad en el mundo de la IA

Cloud Security: Perception Vs. Reality

Recently uploaded

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Knowledge engineering: from people to machines and back

Elena Simperl

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

FIDO Alliance Osaka Seminar: Overview.pdf

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Elevating Tactical DDD Patterns Through Object Calisthenics

Accelerate your Kubernetes clusters with Varnish Caching

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

GraphRAG is All You need? LLM & Knowledge Graph

Monitoring Java Application Security with JDK Tools and JFR Events

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Epistemic Interaction - tuning interfaces to provide information for AI support

Knowledge engineering: from people to machines and back

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Neuro-symbolic is not enough, we need neuro-*semantic*

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

How world-class product teams are winning in the AI era by CEO and Founder, P...

UiPath Test Automation using UiPath Test Suite series, part 3

The Art of the Pitch: WordPress Relationships and Sales