Description:
Turn MITRE ATT&CK from a reference framework into a practical investigation tool. In this hands-on capture-the-flag workshop, participants step into the role of a SOC analyst and work through a guided attack scenario to identify adversary tactics and techniques, uncover flags, and build confidence in threat hunting fundamentals. Using Security Operations tools attendees will learn how to connect activity, map observations to ATT&CK, and investigate suspicious behavior more effectively. This session is designed as an interactive learning experience with the goal of helping participants understand how ATT&CK can support security operation and analyst development.
About this event:
Presenters:
- Jason Palm, Systems Engineer, Fortinet
Track:
I Thought This Was a Star Wars Convention – Don’t think your topic fits into any of the previous categories? This is the place for you!
Experience Needed:
All Levels
Learning Outcome:
A stronger preparedness posture and greater understanding of the current threat vectors.
Maximum Capacity:
50 or less
Additional Keywords:
capture-the-flag workshop; SOC; security operations