Wednesday, December 4, 2024
10:00 AM - 4:00 PM (EST)
Montgomery, AL - Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors

Fast Track Workshop: Montgomery, AL
When: Tuesday, December 4th, 2024 11am - 3pm ET
Where: Central, Montgomery  129 Coosa St. Montgomery, AL 36104

Session: Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors

In this workshop:

  • This is an educational challenge in which participants assume the role of a security analyst and are asked to identify any undetected threats on AcmeCorp's network.
  • To do this, participants will use MITRE ATT&CK™, a knowledge base of adversarial behavior based on real-world observations.
  • ATT&CK™ allows analysts to hunt for patterns of behavior rather than artifacts such as hashes, IPs, or domains. Why is this important? According to 'The Pyramid of Pain' by David Bianco, it is very easy for attackers to change these artifacts, but much harder for them to change their Tactics, Techniques, and Procedures (TTPs). Therefore, TTPs are a more reliable way of identifying adversary behavior.
  • The challenge is organized into several exercises built around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), for example Initial Access, Persistence, Privilege Escalation, and Command and Control. You will be asked to detect any techniques an adversary is using to achieve these goals.

 

AGENDA:

11:00am - Check-in, Presentation

12:00pm 1:45 PM CT- Labs and Lunch 

3:00pm - Wrap-up and Q&A

 

Please bring a laptop to participate in this Fast Track.