Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology

Дата: 15.01.2020. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

While security products are a great supplement to the defensive posture of an enterprise, to well-funded nation-state actors, they are an impediment to achieving their objectives. As pentesters argue the efficacy of a product because it doesn’t detect their specific offensive technique, mature actors recognize a need to holistically subvert the product at every step during the course their operation.

By Lee Christensen + Matt Graeber

Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#subverting-sysmon-application-of-a-formalized-security-product-evasion-methodology-9982

Об авторе CISOCLUB

Редакция CISOCLUB. Официальный аккаунт. CISOCLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *