The conference dedicated to the MITRE ATT&CK® community returns. 

Join us either in person or virtually for ATT&CKcon 3.0 live from MITRE headquarters in McLean, Virginia, on March 29 and 30. We’re looking forward to showcasing great speakers, content, and conversation to help you make the most of how you use ATT&CK. 

In-Person Safety  

While we’re excited to host attendees in-person, ensuring your safety is essential.  

The following COVID-19 protocols will be in place throughout the conference: 

  • The conference will operate under limited in-person capacity. 
  • Proof of vaccination (physical or digital) will be required for entry.  
  • Masks will be required in all indoor areas.


We already have a great slate of presentations confirmed for ATT&CKcon 3.0: 

The ATT&CK Latin American APT Playbook 
Santiago Pontiroli and Dmitry BestuzhevKaspersky 

The ATT&CK Metaverse: Exploring the Limitations of Applying ATT&CK on Intelligence Led Defenses 
Gert-Jan BrugginkVenation 

The ATT&CK Philharmonic 
Ivan Ninichuck and Andy ShepardSiemplify 

ATT&CKing Containers in the Cloud 
Jared Stroud, Lacework 

ATT&CKing the Red/Blue Divide 
Fred Frey and Jonathan MulhollandSnapAttack 

Automating the Mundanity of Technique IDs with ATT&CK Detections Collector 
Marcus LaFerrera and Ryan Kovar, Splunk 

Exploring How Students Map Social Engineering Techniques to the ATT&CK Framework During a Real-Time Cybersecurity Exercise 
Aunshul RegeKatorah Williams, and Rachel Bleiman, Temple University 

It's Just a Jump to the Left (of Boom): Prioritizing Detection Implementation with Intelligence and ATT&CK 
Lindsay Kaye and Scott Small, Recorded Future 

Knowledge for the Masses: Storytelling with ATT&CK! 
Ismael Valenzuela and Jose Luis Sanchez MartinezTrellix 

Landing on Jupyter: The Transformative Power of Data-Driven Storytelling for Security Operations 
Jose Barajas and Stephan ChenetteAttackIQ 

Mapping ATT&CK Techniques to Engage Activities 
David BarrosoCounterCraft Security, Inc. 

Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interactive Intrusion Campaigns 
Jason Wood and Justin Swisher, CrowdStrike 

Threat Modelling: It's Not Just for Developers 
Tim Wadhwa-Brown, Cisco 

Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK 
Haylee Mills, Splunk 

What is ATT&CK Coverage, Anyway? Breadth and Depth Analysis with Atomic Red Team 
Brian Donohue, Red Canary  

When Insiders ATT&CK! 
Matt Snyder, VMware 

Would You Rather Have Telemetry Into 2 Attacks or 20? An Insight Into Highly Valued Data Sources 
Jonny Johnson, Red Canary 
Olaf HartongFalconForce

Learn more about the MITRE ATT&CK Framework

Revisit MITRE ATT&CKcon Power Hour

Thanks to all of the presenters who shared their work and ideas during our four MITRE ATT&CKcon Power Hour sessions. In case you missed any of the sessions, we have an exclusive YouTube playlist with videos of the presentations. You also can access presentation slides from the sessions on SlideShare.


Watch the Videos

View the Presentation Slides



MITRE ATT&CKcon Questions?

Please email the team at