The MITRE ATT&CK framework has gained a lot of traction in the security community as a taxonomy and knowledge base to describe adversary behavior. However, the framework and its related tools have a much broader potential impact and scope. What's missing is a good understanding of the practical operational use cases and the supporting tools. This session will fill that gap.
1: Understand the essence of the ATT&CK framework and its operational relevance.
2: Identify ATT&CK use cases in prevention, detection/hunting and response.
3: Gain insight into the available tools and systems to convert ATT&CK into practice.