--[ Threat Hunting With ATT&CK

$ getent passwd afeffer
├─── name: Antonia Feffer
├──── org: MITRE
└─ social:
   └─ twitter: @MITREattackDef

I am currently a cybersecurity engineer with the MITRE Corporation, after separating from the Army earlier this year. While in the Army, I was a Cyber Warfare Officer serving in various roles, mostly focused on DCO. Since joining MITRE, I have worked on various projects supporting sponsors like the Army and Space Force, as well as developing content for MITRE ATT&CK Defender.


The ATT&CK framework has grown significantly over the past few years, with adoption by many organizations across DoD, government, and industry. This presentation will provide an overview of the framework and how it can be leveraged for a variety of use cases across the cyber domain. We will also walk through an example of using ATT&CK to assist with threat hunting and analytic development, incorporating the concept of behavioral invariants.