These notebooks were used at ATT&CKCon 2.0 for the Detection and Analytics training.
The data sources notebook is an exploration ATT&CK data sources and how to understand and prioritize data collection. It walks through pulling the ATT&CK content, extracting and graphing the data sources, and building heatmaps for what can be collected given current sources.
The prioritization scenarios notebook contains a sample threat report describing some ATT&CK techniques. It then asks the user to build a heatmap describing those techniques in order to prioritize detection.
Lastly, it describes how to use the ATT&CK navigator to overlay that heatmap with the detection heatmap to see what is visible and not visible given current detection.