Jen Burns

Senior Cybersecurity Engineer, The MITRE Corporation

ATT&CKing from Every Angle: How you can use MITRE ATT&CK™

The open-source MITRE ATT&CK knowledge base continues to increase in popularity in the cybersecurity community, as confirmed by ATT&CK’s 16,000+ Twitter followers and the increasing number of security vendors embracing ATT&CK as a tool to categorize techniques, tactics, and procedures. Although ATT&CK started as a project at MITRE almost five years ago as a way to categorize common adversary behavior to allow red and blue teams to better communicate, there are now many ways ATT&CK is being used by the community, including to create detections, to categorize threat intelligence, to evaluate security software, and even to provide a common language for SOC analysts and engineers to communicate with C-suite executives. Everyone will walk away from this talk with a better understanding of ATT&CK and practical use cases for the knowledge base, but more specifically engineers will learn how to apply ATT&CK to make better resource decisions, analysts will learn how to organize intelligence using ATT&CK, and defenders will understand how to improve defenses with behavioral detections based on ATT&CK.


Jen Burns is a Senior Cybersecurity Engineer who joined MITRE shortly after earning her Master’s in Information Security from Carnegie Mellon University. She’s the infrastructure lead for ATT&CK and an ATT&CK content developer, focusing on macOS. She also works in MITRE’s cyber analytics capability area, researching the application of generative adversarial machine learning on the detection of phishing domains.


« back

Become a Source Insider

Get promotions and special offers directly to your inbox.