Workshop
Fast track: Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors
08/10/24 | 12:00 - 17:00 | on site
Infinigate Belgium
Blarenberglaan 3B, 2800 Mechelen
Price: Free
In this workshop, participants will learn how to use Fortinet analytics products to hunt for threats using Tactics, Techniques and Procedures (TTPs).
The challenge consists of several exercises built around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), such as Initial Access, Persistence, Privilege Escalation and Command and Control. Participants will be asked to detect the techniques an adversary uses to achieve these goals.
Duration
5h00
Who should attend?
Technical profiles interested in learning more about hacker techniques.
Requirements
Every participant should bring a fully charged laptop.
Agenda
12h00-13h00
Registration and welcome lunch
13h00-17h00
- What is the MITRE ATT&CK framework and how it can be used
- What are the TTPs that threat actors use to carry out a breach
- Use FortiEDR threat hunting capabilities to uncover threats on the network
- Use FortiSIEM analytics to discover attacker behavior based on attack techniques
- Use FortiDeceptor to find attacker activity and shorten attacker dwell time
Speakers
Stijn Vanbinnebeeck - Cybersecurity Engineer @ Infinigate Belgium
Santi Meremans - Presales Engineer @ Infinigate Belgium