Friday, December 5, 2025
10:00 AM - 3:00 PM (EST)
Charlotte, NC - Educational Challenge: Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors

When: December 5, 2025
Where: NASCAR Hall of Fame
Address: 400 E M.L.K. Jr Blvd, Charlotte, NC 28202

 

Workshop Description: 

In this workshop, participants learn how to use Fortinet analytics products to hunt for threats using TTPs.

Participants will assume the role of a security analyst and be asked to identify any undetected threats on AcmeCorp's network. To do this they will make use of MITRE ATT&CK™, which is a knowledge base of adversary behavior based on real-world observations.

The challenge is set up with several exercises set around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), for example, Initial Access, Persistence, Privilege Escalation, Command and Control. Participants will be asked to detect any techniques being used by an adversary to achieve these goals.

In this Fast Track, attendees will gain hands-on experience developing and understanding the analytics needed to discover the techniques used by adversaries during a cyber security breach.

Participants who attend this workshop will learn how to:

  • What is the MITRE ATT&CK framework and how it can be used
  • What are the TTPs that threat Actor’s use to carry out a breach
  • Use FortiEDR Threat Hunting capabilities to uncover threats on the network
  • Use FortiSIEM analytics to discovery attacker behavior based on attack techniques
  • Use FortiDecepter to find attacker activity and shorten attacker dwell time

 

Agenda:

10:00am – 10:15am – Check in

10:15am – 11:15am – Theory

11:15am – 3:00pm – Lunch, Lab and Q&A (this will be a working lunch; however, participants are welcome to take breaks as needed)

 

Reminder: Please bring a laptop to participate in this Fast Track