The MITRE ATT&CK Conference


Today many organizations are using Bro (newly named Zeek) for network security monitoring, as it provides a powerful network analysis framework. This presentation will describe how to leverage Zeek to report on ATT&CK TTPs, raw events, and other detectable activities. Key takeaways include how to report on sightings and occurrences of ATT&CK TTPs and events, providing both metrics and gap analysis to inform security operations teams about where their defenses may require improvement.
