Session ID: 

Using ATT&CK to Find Cyber Threats and Bolster Cyber Defense

1:15pm - 2:00pm Wednesday, February 13
Orlando - Orange County Convention Center
Hall A | Booth 400 | Cybersecurity Theater A


The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) knowledgebase, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms, and prior to compromise, within an enterprise network. This presentation will explain the ATT&CK knowledgebase and its application, as well as describe the healthcare-led, ATT&CK-based analytic development effort.

Learning Objectives: 

  • 1. Explain the ATT&CK knowledge base in detail, to include ATT&CK for Enterprise, PRE-ATT&CK, and ATT&CK for mobile. The adversary tactic categories and techniques within each tactic category will be reviewed
  • Explain how to use ATT&CK to detect adversary behavior, improve cyber threat intelligence, conduct security gap analysis, emulate adversaries, and develop behavior detection analytics
  • Describe the current effort developing ATT&CK-based analytics for healthcare


Principal Cybersecurity Engineer,
The MITRE Corporation
Continuing Education Credits: