A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Defeating Next-Gen AV and EDR: Using Old (And New) Tricks on New Dogs - Nick Lehman (Graph-X), Steve Eisen (Rum Twinkies) Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Defeating Next-Gen AV and EDR: Using Old (And New) Tricks on New Dogs
Nick Lehman (Graph-X), Steve Eisen (Rum Twinkies)
Derbycon 2019

Next-Gen AV and EDR are the new hotness on the scene this year. They promise to put the bad guys and the red team in their place through increased endpoint detection and response. What they don't do that even traditional AV has had issues with is self-protection. This talk will go into the ways in which next-gen AV and EDR (Cylance, Crowdstrike, Carbon Black, Defender ATP) can be defeated using simple tricks that have worked against AV for decades. Rather than attempt to hide from them, attacking them head on through gaps in self-protection mechanisms seems to be the best bang for the buck.

Steve is an IR and threat hunting specialist, working for . His turn ons include IOCs, fileless malware samples, C++ and gandalf sax guy 10 hour Youtube jams.His turn offs: People who don't hold doors, lactose, and Perl. Nick is an offensive security professional working for . In his spare time he is a casual CS:GO try-hard. Turn ons include: RCE, LFI, TLAs and over-privileged accounts.Turnoffs include:feet, undocumented APIs, and NDAs.

@graphx, Steve only has a facebook and instagram.You should follow him on instagram

Back to Derbycon 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


    If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

    Copyright 2019, IronGeek
    Louisville / Kentuckiana Information Security Enthusiast