9/15/25 Workshop: Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors
In this workshop, participants assume the role of a security analyst and learn how to use Fortinet analytics products to hunt for threats using TTPs. Attendees will be asked to identify any undetected threats on the network using the MITRE ATT&CK™ framework.
The challenge consists of several exercises organized around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), for example, Initial Access, Persistence, Privilege Escalation, Command and Control. Participants will be asked to detect any techniques being used by an adversary to achieve these goals.
Participants who attend this workshop will learn how to:
- Determine what the MITRE ATT&CK framework is and how it can be used.
- Determine what TTPs threat actors use to carry out a breach.
- Use FortiEDR Threat Hunting capabilities to uncover threats on the network.
- Use FortiSIEM analytics to discover attacker behavior based on attack techniques.
- Use FortiDeceptor to find attacker activity and shorten attacker dwell time.