Skip to content

Mal.Con24 Announcement

rare-candies edited this page Aug 30, 2024 · 11 revisions

Mal.Con24 on September 4th, 2024!

We're excited to announce Mal.Con24, a technical exchange dedicated to technical discussions, capability demonstrations, and road-mapping future development and training activities for Malcolm!

Details

  • For Virtual Attendees:
    • Microsoft Teams Live will be used for the broadcast
    • Microphones will remain off, and engagement will be through the chat room
    • A team will monitor the chatroom for virtual attendees
    • During breaks and lunch, the chat will continue to be monitored, and notifications will be sent when presentations resume
  • For In-Person Attendees:
    • Location: 4200 Wilson Blvd, Arlington, VA 22203 – 7th Floor Conference Room
    • Time: Registration begins at 8:00am ET with content from 9:00am-5:00pm ET. See the full schedule below.
    • Visitors should meet CISA staff in the front lobby to proceed through security and to registration on the 7th floor
    • Follow general security rules: avoid bringing anything not allowed on a plane
    • Lunch & Refreshments
      • Lunch & refreshments will not be provided by CISA
      • Attendees will have time to grab lunch from around 12:00-1:15pm ET
      • There are many lunch options within walking distance & CISA staff can help with recommendations, or you can bring your own and eat in the conference room
      • We recommend bringing bottled water to the event, although a limited amount of bottled water will be available on-site
      • Other refreshments will not be available, but there are plenty of coffee shops nearby
    • Dress: Casual
    • Getting There
      • Public Transportation: Ballston Metro Station (Orange/Silver Line)
      • Parking: Daily Paid Parking is available at 627 N Glebe Rd, Arlington, VA 22203

Schedule (Eastern Time)

Time Start Time End Duration (min.) Discussion/Activity Presenter/Speaker
08:00 AM 09:00 AM 60 Check-In
09:00 AM 09:10 AM 10 Opening Remarks Shaun Long (CISA)
09:10 AM 09:20 AM 10 Leadership Remarks EAD Greene (CISA)
09:20 AM 09:55 AM 35 Malcolm Tech Roadmap Seth Grover (INL) & Shaun Long
09:55 AM 10:05 AM 10 Break
10:05 AM 10:50 AM 45 ACID Zeek Behavior Detections Jake Steele & Jack Cyprus (MITRE)
10:50 AM 11:00 AM 10 Break
11:00 AM 12:00 PM 60 Parsnip Overview & Use Cases Melanie Pierce & Christopher Becker (INL)
12:00 PM 01:15 PM 75 Lunch
01:15 PM 01:55 PM 40 NLP Plugin For Opensearch Dashboards Michelle Dowling (PNNL)
01:55 PM 02:10 PM 15 Malcolm tech improvements from simulated IR & TH engagements Jason Allnutt (CISA)
02:10 PM 02:45 PM 35 Malcolm usage across Europe; Malcolm/NetBox CSAF plugin Jens Weisner (BSI)
02:45 PM 03:00 PM 15 Break
03:00 PM 03:40 PM 40 NetBox - Malcolm & Netbox: The Ultimate Team-Up Sam Lee & Jake Duda (CISA)
03:40 PM 04:20 PM 40 The Dynamic Duo of Malcolm & EKS Emma Harrison & Rajdeep Saha (AWS)
04:20 PM 04:40 PM 20 PSA – 2 Minutes on Malcolm Open to Public
04:40 PM 04:50 PM 10 CTF Results Sara Hudson (INL) & Shaun Long
04:50 PM 05:00 PM 10 Closing Remarks Kim Sanders

Sneak Peak

Here is a small sample of some of the presentations we have lined up:

  • How to use NetBox to inventory your ICS network and how are we making asset description easier for owner/operators
  • CISA & MITRE's new open-source package ACID: advanced detections & behavioral analysis for OT protocols
  • CISA & INL's new open-source protocol parser toolkit, Parsnip: overview & deep-dive demonstration
  • ICS Capture-the-Flag running 8/31-9/4 with live awards presentation at Mal.Con '24
    • Register for the CTF starting on August 24th

Help Us Out

A few asks:

  • Registration for in-person attendance is closed, but please fill out this registration if you would like to register to attend remotely.
  • Pass this around to others who may be interested!

Stay Tuned

Thank you for your support with this event! We're planning to post updates for the event here on GitHub and we will send direct email reminders as we get closer to Mal.Con '24.

Clone this wiki locally