As one of MITRE’s proud supporters, Red Canary is thrilled to join some of the brightest minds in security for the second annual ATT&CKcon. This hybrid online and in-person conference includes a variety of presentations and practical training.
Stop by the Red Canary booth to pick up a t-shirt and talk with our team about how we integrate ATT&CK. And don’t miss our two educational talks by Keith McCammon and Tony Lambert! Details are below.
Featuring talks by:
Tony Lambert, Detection Engineer
Alertable Techniques for Linux Using ATT&CK
Tuesday, October 29 | Morning Session
Not every ATT&CK technique is alertable and not all of them provide the same value for immediate detection. This session will introduce the concept of alertable detections using Linux ATT&CK techniques as a case study.
Prioritizing Data Sources for Minimum Viable Detection
Wednesday, October 30 | Morning Session
ATT&CK includes a list of the data sources necessary to observe an adversary leveraging a given technique. But in the same way you can’t build alerts for every technique, you can’t gain access to every data source. How do you effectively prioritize data sources to get the best returns on your visibility investments?
This talk will explore how security professionals can turn their internal security data into community intelligence that enumerates the threats that occur most often, enabling us all to establish data-based priorities that guide the way we spend our money and time—whether we’re buying, developing, or selling security tools.