Today, ATT&CK is widely used and adapted as part of a threat-informed defense by a wide range of organizations and users—from CISOs working to revamp their SOCs to analysts trying to map detection rules to specific adversary techniques. By creating an ATT&CK-focused conference, MITRE wants to shine a light on adversary behavior and provide a venue to learn about all the cool stuff people are doing with ATT&CK.
To kick off the first ever ATT&CKcon, we are soliciting both full (30 minute) and lightning (10 minute) talks from the community on any and all applications of ATT&CK. From managers to operators, if you’re using ATT&CK we want to hear from you! Some suggested things that we’d love to see:
•Stories on how you’ve deployed ATT&CK into your environment
•Metrics to measure coverage of ATT&CK techniques as well as SOC performance
•Measurements or business studies showing how ATT&CK has helped enhance operations
•Red and purple team successes enabled by ATT&CK
•Novel research you’ve done where ATT&CK plays a key role
•Developing analytics to increase ATT&CK coverage
•Using ATT&CK to enable threat hunting
•Techniques to align threat intelligence with ATT&CK
•ATT&CK deployed in an automation pipeline
•How to make ATT&CK more useful
•Anything else where you’ve done something cool with ATT&CK!
While we welcome submissions from the vendor community, we will not accept proposals that are solely product pitches.