Using the MITRE ATT&CK Framework for Detection and Threat Hunting

  • Thursday, 07 May 2020 1:00PM EDT (07 May 2020 17:00 UTC)
  • Speaker: Trevor Daughney

Threat hunting is evolving from focusing on IoCs to TTPs in order to understand the entire breadth of an attack, rather than simply stringing together its artifacts. In this presentation you will learn how to uncover modern attacks by detecting and investigating common tactics, techniques and procedures (TTPs) used by attackers, including:

  • An introduction to MITRE ATT&CK and recent changes to the framework
  • An explanation of how the framework can be used by security teams
  • An outline of how Exabeam can help you defend against attacker TTPs using machine-learning-based anomaly detection and threat hunting

Security practitioners will leave this presentation more knowledgeable about how to uncover the entirety of attacks by focusing on TTPs.