MITRE ATT&CKcon Agenda

""

Monday, October 28, 2019 – Pre-conference Program

(Due to the format, the Pre-conference program on Monday will be in-person only and not streamed live. Advance registration required for attendance.)

Time Topic
8:00am – 9:00am Registration and Breakfast
9:00am – 9:15am Welcome
9:15am – 11:45am Cyber Threat Intelligence
Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE
Adam Pennington, Principal Cybersecurity Engineer, MITRE


Adversary Emulation with CALDERA
David Hunt, Principal Cybersecurity Engineer, MITRE
11:45am – 1:15pm Lunch
1:15pm – 3:45pm Detection and Analytics
John Wunder, Principal Cybersecurity Engineer, MITRE


SOC Assessments
Andy Applebaum, Principal Cybersecurity Engineer, MITRE
3:45pm – 4:00pm Snack Break
4:00pm – 5:30pm Birds of a Feather
(Topics will be selected upon arrival on a first-come basis.)
5:30pm – 7:30pm Welcome Reception
(If you do not attend the Pre-conference program, please check in at the registration desk in the MITRE 4 lobby prior to attending the reception.)

 

Tuesday, October 29 – Conference Day 1

Online audience – Exclusive online-only content will continue during lunch and breaks. Stay tuned to see interviews with our speakers. 

Time Topic
8:00am – 9:00am Registration and Breakfast
8:50am Streaming begins for online audience
9:00am – 9:15am Welcome
Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE
9:15am – 10:00am Keynote Address
Toni Gidwani, Threat Analysis Group, Google
10:00am – 10:30am State of the ATT&CK
Blake Strom, ATT&CK Lead, MITRE
10:30am – 11:00am Break
11:00am – 11:30am Using Threat Intelligence to Focus ATT&CK Activities
David Westin, Threat Intelligence Manager, Nationwide
Andy Kettell, Consultant, Nationwide
11:30am – 12:00pm Prioritizing ATT&CK Informed Defenses the CIS Way
Philippe Langlois, Senior Risk Analyst, Verizon DBIR
Joshua Franklin, Senior Security Engineer, Center for Internet Security (CIS)
12:00pm – 12:30pm Alertable Techniques for Linux using ATT&CK
Tony Lambert, Detection Engineer/Intelligence, Red Canary
12:30pm – 1:20pm Lunch
1:20 – 1:30pm MITRE Executive Welcome
Gary Gagnon, Vice President, Cyber Strategy and Chief Security Officer, MITRE
1:30pm – 1:45pm ATT&CK Updates – TRAM
Jackie Lasky, Cybersecurity Engineer, MITRE
Sarah Yoder, Cybersecurity Engineer, MITRE
1:45pm – 2:15pm Raiders of the MITRE Framework: How to Build Your Own Threat Library
Valentina Palacin, Threat Intelligence Analyst, Deloitte
Ruth Esmeralda Barbacil, Threat Intelligence Analyst, Deloitte
2:15pm – 2:45pm Climbing the ATT&CK Ladder: How a Threat Hunting Team Has Upgraded Its Use of ATT&CK
Karl Scheuerman, Senior Strategic Intrusion Analyst, CrowdStrike
Piotr Wojtyla, Senior Researcher, CrowdStrike
2:45pm – 3:15pm From Susceptible to ATT&CK: A Threat Hunting Story
Chris Thayer, Cyber Security Investigator, Mastercard
3:15pm – 3:45pm Break
3:45pm – 4:00pm ATT&CK Updates – Sightings
John Wunder, Principal Cybersecurity Engineer, MITRE
4:00pm – 4:15pm Zeek-based ATT&CK Metrics & Gap Analysis
Allan Thomson, Chief Technology Officer, LookingGlass Cyber Solutions
4:15pm – 4:30pm attckr: A Toolkit for Analysis & Visualization of ATT&CK Incident Data for Service Providers & Organizations
Bob Rudis, Chief Data Scientist, Rapid7
4:30pm – 4:45pm MITRE ATT&CK Assessment from a Data Perspective
Olaf Hartong, Specialist Leader, Deloitte
4:45pm – 5:05pm Threat-Informed Defense: Where do we go from here?
Richard Struse, Chief Strategist for Cyber Threat Intelligence, MITRE
5:05pm – 5:10pm Wrap-up
Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE
5:10pm Streaming concludes for online audience
5:30pm – 7:30pm Reception
MITRE 4 – Ground floor lobby

 

Wednesday, October 30 – Conference Day 2

Online audience – Exclusive online-only content will continue during lunch and breaks. Stay tuned to see interviews with our speakers.

Time Topic
8:00am – 9:00am Breakfast
8:50am Streaming begins for online audience
9:00am – 9:15am Open Remarks/Recap
Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE
9:15am – 9:45am AMITT: ATT&CK-based Standards for Misinformation Threat Sharing
Sara-Jayne Terp, (Co-chair) Credibility Coalition MisinfoSec Working Group
John Gray, (Co-chair) Credibility Coalition MisinfoSec Working Group
9:45am – 10:00am Flashback with ATT&CK: Exploring Malware History with ATT&CK (2003-2018)
Kris Oosthoek, Senior SOC Analyst and PhD Candidate, Delft University of Technology
10:00am – 10:15am Tell Tall Tales With ATT&CK!
James Lerud, Security Guy, Titania Solutions Group
10:15am – 10:30am ATT&CK Updates – ICS
Otis Alexander, Lead Cyber Security Engineer, MITRE
10:30am – 11:00am Break
11:00am – 11:30am Ready to ATT&CK? Bring Your Own Data (BYOD) and Validate Your Data Analytics!
Roberto Rodriguez, Cybersecurity Specialist
Jose Luis Rodriguez, Student
11:30am – 12:00pm Prioritizing Data Sources for Minimum Viable Detection
Keith McCammon, Chief Security Officer, Red Canary
12:00pm – 12:15pm ATT&CK Updates – Controls Mapping
Mike Long, Senior Cyber Adversarial Engineer, MITRE
12:15pm – 1:15pm Lunch
1:15pm – 1:30pm The World’s Most Dangerous ATT&CKers
Robert Lipovský, Senior Malware Researcher, ESET
1:30pm – 2:00pm Lessons in Purple Teaming with ATT&CK
Daniel Wyleczuk-Stern, Principal Security Engineer, Praetorian
Matt Southworth, Chief Information Security Officer; Priceline, Booking Holdings
2:00pm – 2:15pm ATT&CK Updates – CAR and Analytics
Ivan Kirillov, Lead Information Security Engineer, MITRE
2:15pm – 2:30pm Break
2:30pm – 3:15pm Lightning Talks

A Love Song for Heat Maps
Brian Donohue, Red Canary

Operationalize ATT&CK with Boring Dashboards
Dan Cole, ThreatConnect Inc

MITRE ATT&CK Maturity Model Mappings from In the Field Observations
Stephan Chenette, AttackIQ

ATT&CK Poker
Ivan Ninichuck, Cyber Knights

Tracking and measuring your ATT&CK coverage with ATT&CK2Jira
Mauricio Velazco

STIX in the Mud
Bryson Bort, SCYTHE

ATT&CK, Intelligence, and Micro-Purple Teaming
Emma MacMullan, Federal Reserve

#GuardrailsoftheGalaxy: The Prologue
Nick Carr, FireEye
3:15pm – 3:30pm ATT&CK Updates – PRE Integration
Adam Pennington, Principal Cyber Security Engineer, MITRE
3:30pm – 3:45pm Closing Remarks
Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE
Blake Strom, ATT&CK Lead, MITRE
3:45pm Streaming concludes for online audience

 

All times are Eastern Daylight Time. Final times subject to change.


Updates from the MITRE ATT&CK team will be provided throughout the conference.

MITRE ATT&CKcon

ATT&CKcon Home
Agenda
Logistics
Watch Party Toolkit

 

Watch Online

Sign up to watch ATT&CKcon streamed live online.

Sign Up

MITRE ATT&CKcon Questions?

Please email the team at attackcon@mitre.org.