The goal of the talk is to answer a few questions we often see or hear: “ATT&CK is nice and all, but how do I (we) get started?”, “How can I (we) detect those TTPs?”, “Why use the ATT&CK Framework?”, etc. The ATT&CK Framework from MITRE is the new hotness in the InfoSec world. There are a lot of open source projects that use it, commercial products have started using it to show which TTPs they cover, and it even has its own conference: ATT&CKcon.
Mathieu Saulnier
Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 6 years he has been focused on putting in place a few SOCs and has specialized in detection (Blue Team), content creation and mentorship. He currently holds the title of « Senior Security Architect » and acts as “Adversary Detection Team Lead” and “Threat Hunting Team Lead” in one of Canada’s largest carriers. In the last decade, he has taken two separate sabbaticals to travel Africa and Asia.