John Lilliston, Detect Product Director at ThreatLocker, is a cybersecurity leader with deep expertise in threat detection, risk assessment, and defense strategies. A graduate of Georgia Southern University with a Bachelor of Science in Information Technology, he began his career in IT before transitioning to cybersecurity at Gulfstream Aerospace. There, he advanced through multiple roles, specializing in threat intelligence, incident response, and data forensics. At ThreatLocker, John leads the Detect product, as well as the company’s MDR and Threat Intelligence programs, driving innovation and ensuring alignment between product capabilities and real-world defensive operations. His focus is on evolving security offerings to stay ahead of emerging threats and deliver actionable protection for organizations worldwide.
Use of the MITRE Attack Framework in Threat Detection – John Lilliston – ZTW26 #2
This session will cover and introduction to the Attack Framework along with logo analysis to identify indicators of compromise, types of IOCs, logging sensitive data access, and mappings to ThreatLocker Detect. This segment is sponsored by Zero Trust World. Visit https://securityweekly.com/ztw to see all of our coverage of this event!
This episode is sponsored by
Full Segment Notes
This session will cover and introduction to the Attack Framework along with logo analysis to identify indicators of compromise, types of IOCs, logging sensitive data access, and mappings to ThreatLocker Detect.This segment is sponsored by Zero Trust World. Visit https://securityweekly.com/ztw to see all of our coverage of this event!
Guest
Stay in the Know, No Smoke and Mirrors – Join Our Newsletter
Get expert insights and technical breakdowns straight to your inbox.
You can skip this ad in 5 seconds








