In recent years, Application Whitelisting has been one of the new breeds of antimalware technology.  However, malware has already developed techniques for dealing with and impeding this new technology's adoption rate, from causing unwanted behavior in the solution to directly altering the execution of the security solution to avoid detection while making it appear as though it is operating correctly.  This talk will demonstrate how malware can accomplish these negative outcomes by manipulating application certificates and using file system filter drivers. This talk will also discuss how to factor these vulnerabilities into your security decisions.

BIO: Co-presenters Joe Kovacic (CEO and principal engineer) and Jared Sperli (COO and principal chauffeur) are co-founders of itSoftware which specializes in Windows security solutions. Joe started his career as an IT Helpdesk Software Engineer and later applied his Windows expertise to software development at VMware. Jared is an Army military intelligence veteran with training in computer network operations and a lot of time spent in Strykers.

Back to BSides Las Vegas 2013 video list