The MITRE ATT&CK framework has gained a lot of traction in the security community as a taxonomy and knowledge base to describe adversary behavior. However, the framework and its related tools have a much broader potential impact and scope. What's missing is a good understanding of the practical operational use cases and the supporting tools. This session will fill that gap.Learning Objectives:1: Understand the essence of the ATT&CK framework and its operational relevance.2: Identify ATT&CK use cases in prevention, detection/hunting and response.3: Gain insight into the available tools and systems to convert ATT&CK into practice.