Security teams must address the countless vulnerabilities in popular document formats like PDFs, Office files and legacy textual formats. This session will cover the best practices on how to build a document analysis pipeline including the pros and cons of true type detection, sandboxing, signatures, dynamic/static content inspection, isolation and content disarming and reconstruction. We will also cover the attackers view and the different evasion techniques of malicious payloads going through a carefully designed document analysis pipeline.
by Dan Amiga and Dor Knafo
Full Abstract & Presentation Materials: