The Irrelevance of K-Bytes Detection — Building a Robust Pipeline for Malicious Documents

Date: 19.01.2018. Author: CISOCLUB. Categories: Information security podcasts and videos

Security teams must address the countless vulnerabilities in popular document formats like PDFs, Office files and legacy textual formats. This session will cover the best practices on how to build a document analysis pipeline, including the pros and cons of true type detection, sandboxing, signatures, dynamic/static content inspection, isolation, and content disarming and reconstruction. We will also cover the attacker's view and the different evasion techniques of malicious payloads going through a carefully designed document analysis pipeline.

by Dan Amiga and Dor Knafo

Full Abstract & Presentation Materials:
https://www.blackhat.com/asia-17/briefings.html#the-irrelevance-of-k-bytes-detection-building-a-robust-pipeline-for-malicious-documents
