ATT&CKcon 3.0

The conference dedicated to the MITRE ATT&CK® community returns in 2022.

Mar 29 - 30, 2022
Add to Calendar
All day

Join us either in person or virtually for ATT&CKcon 3.0 live from MITRE headquarters in McLean, Virginia, on March 29 and 30. We’re looking forward to showcasing great speakers, content, and conversation to help you make the most of how you use ATT&CK. 

MITRE ATT&CKcon Questions? Please email the team at

In-Person Safety  

While we’re excited to host attendees in-person, ensuring your safety is essential.   

The following COVID-19 protocols will be in place throughout the conference:  

  • The conference will operate under limited in-person capacity.  
  • Proof of vaccination (physical or digital) will be required for entry.   
  • Masks will be required in all indoor areas.


In-person registration opens January 27 at 11 a.m. ET / 4 p.m. UTC. 

The conference registration link will be posted to @MIREattack on Twitter, so be sure to visit

In-person tickets will be $295 for general admission and $149 for government employees.

Can’t make it in person? Join us virtually. 

ATT&CKcon 3.0 will also be broadcast live, with exclusive online content and commentary. Registration for the virtual component is free and will launch in the coming weeks. 

Follow @MITREattack on Twitter for updates on our virtual programming. Not on Twitter? You can also get our latest information on LinkedIn.  


We already have a great slate of presentations confirmed for ATT&CKcon 3.0: 

The ATT&CK Latin American APT Playbook 
Santiago Pontiroli and Dmitry Bestuzhev, Kaspersky 

The ATT&CK Metaverse: Exploring the Limitations of Applying ATT&CK on Intelligence Led Defenses 
Gert-Jan Bruggink, Venation 

The ATT&CK Philharmonic 
Ivan Ninichuck and Andy Shepard, Siemplify 

ATT&CKing Containers in the Cloud 
Jared Stroud, Lacework 

ATT&CKing the Red/Blue Divide 
Fred Frey and Jonathan Mulholland, SnapAttack 

Automating the Mundanity of Technique IDs with ATT&CK Detections Collector 
Marcus LaFerrera and Ryan Kovar, Splunk 

Exploring How Students Map Social Engineering Techniques to the ATT&CK Framework During a Real-Time Cybersecurity Exercise 
Aunshul Rege, Katorah Williams, and Rachel Bleiman, Temple University 

It's Just a Jump to the Left (of Boom): Prioritizing Detection Implementation with Intelligence and ATT&CK 
Lindsay Kaye and Scott Small, Recorded Future 

Knowledge for the Masses: Storytelling with ATT&CK! 
Ismael Valenzuela and Jose Luis Sanchez Martinez, Trellix 

Landing on Jupyter: The Transformative Power of Data-Driven Storytelling for Security Operations 
Jose Barajas and Stephan Chenette, AttackIQ 

Mapping ATT&CK Techniques to Engage Activities 
David Barroso, CounterCraft Security, Inc. 

Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interactive Intrusion Campaigns 
Jason Wood and Justin Swisher, CrowdStrike 

Threat Modelling: It's Not Just for Developers 
Tim Wadhwa-Brown, Cisco 

Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK 
Haylee Mills, Splunk 

What is ATT&CK Coverage, Anyway? Breadth and Depth Analysis with Atomic Red Team 
Brian Donohue, Red Canary  

When Insiders ATT&CK! 
Matt Snyder, VMware 

Would You Rather Have Telemetry Into 2 Attacks or 20? An Insight Into Highly Valued Data Sources 
Jonny Johnson, Red Canary 
Olaf Hartong, FalconForce

ATT&CK framework on an office wall

Learn more about the MITRE ATT&CK Framework

ATT&CKcon Power Hour logo

Revisit MITRE ATT&CKcon Power Hour

Thanks to all of the presenters who shared their work and ideas during our four MITRE ATT&CKcon Power Hour sessions. In case you missed any of the sessions, we have an exclusive YouTube playlist with videos of the presentations. You also can access presentation slides from the sessions on SlideShare.