Back

Presentation by Robert Petrunić confirmed for DEEP: ATT&CK or !ATT&CK that is the question

Even during this semi-lockdown we are busy preparing for DEEP and ensuring you the best possible experience at the conference. Thus, we are announcing a new presentation by Robert Petrunić, addressing some of really important questions in our business.

What is it about and is it significant for you? Let’s check:

Do you use MITRE ATT&CK framework?

If you are a red teamer, blue teamer or incident handler - you should. To make it simpler, if you are an X teamer - you should definitely use it. If you are an adversary - you probably already are using it.

So, what's the point behind it?

Released to the public in 2015, MITRE ATT&CK framework gives the context to the attack. Instead of trying to identify tools and malware used in adversary campaigns, the focus is on techniques (how) and tactics (why). If you want to learn about MITRE ATT&CK framework and how to use it in your incident handling or X teaming - this is the right lecture for you. Or, if you just want to see the process a decent hacker would go through (DEMO: from initial foothold to persistence), you should join us too.

Of course, Robert will do the talk on the basis of vast personal experience. He works as a senior information security consultant in Eduron IS, the company dedicated to IT security education, penetration testing and computer forensics. He is also a lecturer in most successful Croatian private college Algebra - university college for applied computer engineering, where he has designed several courses related to computer security and forensics.

Robert is Microsoft certified trainer since 2002, EC-Council certified trainer since 2008 and ISC2 certified trainer since 2014. He works mainly in security field starting 2004, and Microsoft acknowledged this at 2008, assigning him Microsoft most valuable professional recognition for nine years in a row. For the last sixteen years Robert is working on programs related to ethical hacking and IT security awareness for systems administrators, developers and IT security consultant. He is also often a lecturer at regional IT conferences.