How do you use the MITRE ATT&CK framework to plan and execute a threat hunt? Walk me through how you would select techniques to hunt for and how you would determine whether your environment has the data needed to detect them.

Sample answer preview

The MITRE ATT&CK framework is one of the most valuable tools for structuring threat hunting activities because it provides a comprehensive, categorized catalog of adversary tactics and techniques observed in real-world attacks. Here is how I use it to plan and execute hunts.