$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Getting the Knack of ATT&CKô

  • Tuesday, September 03, 2019 at 1:00 PM EDT (2019-09-03 17:00:00 UTC)
  • Bob Rudis


  • Rapid7 Inc.

You can now attend the webcast using your mobile device!



MITRE's ATT&CK framework provides a uniform way to encode, share and report on attacker tactics and techniques used in campaigns against your organization. MITRE ATT&CK consists of three matrices: pre-ATT&CK, ATT&CK, and Mobile. Together they comprise an end-to-end ATT&CK chain filled with all of the successful techniques that adversaries use to breach organizations.

In our upcoming webcast, join Rapid7's Chief Data Scientist, Bob Rudis, to learn how your organization can utilize MITRE ATT&CK framework. In this session you'll get a primer (or, refresher, if you already know ATT&CK inside & out) on ATT&CK. Some of the topics we'll cover include:

  • Information on how you can use the ATT&CK framework at your organization
  • Ways to analyze and improve your incident response program and overall security posture with ATT&CK
  • A detailed look at real world incidents handled by Rapid7's Managed Detection and Response team through an ATT&CK lens

Speaker Bio

Bob Rudis

Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is a Security Data Scientist at Verizon. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), author (Data-Driven Security), speaker, and regular contributor to the open source community (github.com/hrbrmstr). He currently serves on the board of directors for the Society of Information Risk Analysts, is on the editorial board of SANS Securing The Human program and was co-chair of the 2014 Metricon security metrics/analytics conference. He holds a bachelor's degree in computer science from the University of Scranton.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.