• 10:00 am Arrivals
• 10:15 am Welcome | Fortinet Security Operations Overview
• 11:15 am Break
• 11:30 am Lunch
• 12:00 pm Hands-On Workshop | Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors
• 2:00 pm Event Concludes

Fortinet’s SecOps platform uses AI-powered sensors and advanced analytics to detect threats across devices, users, files, networks, cloud, email, and even the dark web. Fortinet enables centralized, automated investigation and response to reduce cyber risk, cost, and operational effort. 

During this security day, you will learn how to use Fortinet analytics products to hunt for threats using TTPs by assuming the role of a security analyst. 

The challenge is set up with several exercises set around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), for example, Initial Access, Persistence, Privilege Escalation, Command and Control. You will be asked to detect any techniques being used by an adversary to achieve these goals.

During this workshop, you will learn how to:

• Determine what is the MITRE ATT&CK framework and how it can be used.
• Determine what are the TTPs that threat actors use to carry out a breach.
• Use FortiEDR Threat Hunting capabilities to uncover threats on the network.
• Use FortiSIEM analytics to discovery attacker behavior based on attack techniques.
• Use FortiDecepter to find attacker activity and shorten attacker dwell time.