Open invitation to TIBER provider event

Abstract icon The TIBER-DK Cyber Team (TCT) cordially invites providers of Threat Intelligence (TI) and Red Team (RT) services to a provider event on 27 September. The TIBER-EU Cyber Team will introduce the newly published TIBER-EU Purple Teaming Best Practices. Additionally, the usage of leg-ups in TIBER tests will be presented and discussed. Guidance on Targeted Threat Intelligence deliverables will also be introduced. Discussions and experience sharing will be facilitated. The initiative reflects the TCT’s wishes to strengthen the crucial dialogue with and between TI and RT providers.

To strengthen cyber resilience, TIBER-DK facilitates Threat Intelligence Based Ethical Red-teaming tests of critical infrastructure in the Danish financial sector. TIBER tests simulate advanced attacks from organised crime groups and state-sponsored actors in live production environments. Incorporating targeted, up-to-date threat intelligence, the tests take point of departure in realistic tactics, techniques and procedures. The ultimate objective is to increase cyber resilience across the financial sector in Denmark. The involvement and expertise of Threat Intelligence (TI) and Red Team (RT) providers is crucial in this pursuit. To strengthen the dialogue and mutual feedback with TI and RT providers, a forum holding biannual meetings has been established. Here, current topics within TIBER-DK and TIBER-EU will be discussed. Providers will be able to share experiences and discuss the TIBER-DK implementation of the TIBER-EU Framework along with ideas and visions for future iterations. For the forthcoming meeting, the agenda will be as follows:

  • Morning coffee and light breakfast – from 08:00-08:25
  • Welcome – at 08:30
  • TIBER-EU: General update with focus on TIBER-EU Purple Teaming Best Practices
  • Leg-ups in TIBER – why, how and when?
  • Targeted Threat Intelligence deliverables: Guidance document on creating valuable learning
  • Thank you and future events

All providers are welcome to the event. It is not a prerequisite to have previous experience with TIBER tests. The TIBER-DK Cyber Team welcomes suggestions for topics to discuss at future events, at which provider-led presentations of relevant insights will be both encouraged and appreciated. To suggest topics or volunteer to present at future events, please reach out to

This provider event will be held in a hybrid format on 27 September 2022 from 08:00-10:30. From 08:00, coffee and a light breakfast will be served. The formal programme will commence at 08:30 and include a short break for networking.

If possible, it is recommended to participate physically. Up to two physical participants per provider can attend the event physically at Danmarks Nationalbank in Copenhagen. Any additional participants are welcome to attend virtually. In order to participate physically or virtually, please RSVP to, indicating the full names and e-mail addresses of all participants. Please also remember to specify the attendees whom are expected to participate physically as only registered participants are allowed physical access. The deadline to register for physical participation is 14 September 2022. Physical attendees must present valid photo ID at the reception in Danmarks Nationalbank.

On behalf of the TIBER-DK Cyber Team, we hope to see as many attendees as possible at the second of a series of successful provider events.

More information

Please click here to see the invitation (in pdf)